| 1.4.1.2 Ensure 'Emergency' account is set | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.5 Ensure auditing is configured for the docker daemon | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | AUDIT AND ACCOUNTABILITY |
| 3.5 Control access to audit records - /var/audit | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure Online Certificate Status Protocol (OCSP) stapling is enabled | CIS NGINX Benchmark v2.1.0 L1 Loadbalancer | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.7 Ensure Online Certificate Status Protocol (OCSP) stapling is enabled | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.2.4 Ensure system warns when audit logs are low on space | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.5 Ensure the Guest Home Folder Does Not Exist | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.1.5 Ensure the Guest Home Folder Does Not Exist | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.1.5 Remove Guest home folder | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.1.5 Remove Guest home folder | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6.3.2.4 Ensure system warns when audit logs are low on space | CIS Rocky Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.4 Ensure system warns when audit logs are low on space | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.4 Ensure system warns when audit logs are low on space | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| Audit Logoff | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logoff | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows Server v2004 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows 11 v22H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows 10 1803 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows 10 1903 v1.19.9 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows 10 v2004 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows 10 v21H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows Server 2022 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows Server 2025 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Audit Log Files to Not Contain Access Control Lists | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure Audit Log Folders Group to Wheel | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Audit Log Folders Group to Wheel | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Files Group to Wheel | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Files Group to Wheel | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Files to Not Contain Access Control Lists | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Configure Audit Log Folders Group to Wheel | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders Group to Wheel | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files Group to Wheel | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files Group to Wheel | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files Group to Wheel | NIST macOS Monterey v1.0.0 - All Profiles | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Files to Not Contain Access Control Lists | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Audit Log Folders Group to Wheel | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Configure Audit Log Folders to Mode 700 or Less Permissive | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000385 - Audit log directories must have mode 0755 or less permissive. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000509 - The system must forward audit records to the syslog service. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020021 - The Ubuntu operating system must notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when allocated audit record storage volume reaches 75% of the repository maximum audit record storage capacity. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-020150 - The Ubuntu operating system must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited - auditd.conf | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| WDNS-CM-000024 - The Windows 2012 DNS Servers zone files must not include resource records that resolve to a fully qualified domain name residing in another zone. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
