| 1.12 WN16-00-000140 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.12 WN16-00-000140 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.12 WN19-00-000120 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.12 WN19-00-000120 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.12 WN22-00-000120 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.12 WN22-00-000120 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 2.2 Ensure monitoring and alerting exist for MANAGE GRANTS privilege grants | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.4 Ensure monitoring and alerting exist for password sign-in without MFA | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 2.5 Ensure monitoring and alerting exist for creation, update and deletion of security integrations | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 8 v1.0.0 L1 Windows | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 89.12 (L1) Ensure 'Debug Programs' is set to 'Administrators' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 89.12 (L1) Ensure 'Debug Programs' is set to 'Administrators' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| DTAM104 - McAfee VirusScan On-Access Default Processes Policies must be configured to find unknown unwanted programs and trojans. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| External authentication is disabled | TNS Citrix Hypervisor | Unix | IDENTIFICATION AND AUTHENTICATION |
| High availability is enabled | TNS Citrix Hypervisor | Unix | CONTINGENCY PLANNING |
| Host is enabled | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Configure login attempts' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL |
| HP ProCurve - 'Disable TFTP server' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| SonicWALL - AAA - LDAP server is trusted | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Anti-Spyware - LAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Anti-Spyware - WAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Content Filtering On - WLAN | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Flood Protection - Layer 3 - Protection Mode | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Login Banner - Trusted Zone | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Password Policy - Affected User types | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - Password Policy - Affected User types - limited-admins | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - Password Policy - Change Period <=30 days | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - PW Policy - Lockout - Num Attempts <=3 | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Security Services - Client AV - Enabled | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - CIFS/Netbios | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - IMAP | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - SMTP Inbound | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - IDP - Activated | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - SSL Control - Enable Blacklist | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Unused Interfaces | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Use non default admin access ports - HTTPS | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Web Interface - Does not use self-signed cert | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - Use a static IP on the storage network interface | TNS Citrix XenServer | Unix | |
