| 2.2.7 (L1) Ensure 'Back up files and directories' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.10 (L1) Ensure 'Create a pagefile' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.14 (L1) Configure 'Create symbolic links' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.21 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.22 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.25 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.25 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators' - Window Manager\Window Manager Group' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.30 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5 Ensure Non-Default, Unique Cryptographic Material is in Use | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.5 Ensure Non-Default, Unique Cryptographic Material is in Use | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | |
| 2.5 Ensure Non-Default, Unique Cryptographic Material is in Use | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | |
| 2.6 Ensure Non-Default, Unique Cryptographic Material is in Use | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on Linux | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Ensure Non-Default, Unique Cryptographic Material is in Use | CIS MySQL 8.0 Community Linux OS L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Ensure Non-Default, Unique Cryptographic Material is in Use | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L1 MySQL OS Linux | Unix | CONFIGURATION MANAGEMENT |
| 2.15 Limit Accepted Transport Layer Security (TLS) Versions | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.15 Limit Accepted Transport Layer Security (TLS) Versions | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.15 Limit Accepted Transport Layer Security (TLS) Versions | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.18 Implement Connection Delays to Limit Failed Login Attempts | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 4.1 Block Mixed Active Content | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4.1 Block Mixed Active Content | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.1 Disable Bonjour advertising service | CIS Apple macOS 10.12 L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1 Disable Bonjour advertising service | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1 Disable Bonjour advertising service | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1 Disable Bonjour advertising service | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1 Ensure 'maxAllowedContentLength' is configured | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 4.1 Restrict Core Dumps - apport | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1 Restrict Core Dumps - fs.suid_dumpable | CIS Debian Linux 7 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Restrict Core Dumps - limits.conf | CIS Debian Linux 7 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Restrict Core Dumps - whoopsie | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1 Set SSL Override Behavior | CIS Mozilla Firefox 38 ESR Windows L2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 4.1 Set SSL Override Behavior | CIS Mozilla Firefox 38 ESR Linux L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Block Pop-up Windows | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.1 Enable 'USER' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.1 Securely Authenticate Zone Transfers | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.10 Ensure Secure Keyboard Entry Terminal.app Is Enabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 5.10 Ensure Secure Keyboard Entry Terminal.app Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 5.10 Ensure Secure Keyboard Entry Terminal.app Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 5.10 Ensure Secure Keyboard Entry Terminal.app Is Enabled | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.4.1 Ensure Secure Keyboard Entry Terminal.app Is Enabled | CIS Apple macOS 13.0 Ventura v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.4.1 Ensure Secure Keyboard Entry Terminal.app Is Enabled | CIS Apple macOS 15.0 Sequoia v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.4.1 Ensure Secure Keyboard Entry Terminal.app Is Enabled | CIS Apple macOS 14.0 Sonoma v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
