| 1.5 Ensure Interactive Login is Disabled | CIS MariaDB 10.6 on Linux L2 v1.1.0 | Unix | ACCESS CONTROL |
| 2.2.26 (L1) Ensure 'Load and unload device drivers' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5 Ensure Non-Default, Unique Cryptographic Material is in Use | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Ensure Non-Default, Unique Cryptographic Material is in Use | CIS MySQL 8.0 Enterprise Linux OS L1 v1.4.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.10 Ensure Only Approved Ciphers are Used | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.10 Ensure Secure Keyboard Entry terminal.app is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_failed_connections_threshold | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.11 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_min_connection_delay | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.14 Ensure Only Approved Ciphers are Used - ssl_cipher | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.15 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL_FAILED_LOGIN_ATTEMPTS | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.15 Implement Connection Delays to Limit Failed Login Attempts - connection_control_max_connection_delay | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.15 Implement Connection Delays to Limit Failed Login Attempts - connection_control_min_connection_delay | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.18 Implement Connection Delays to Limit Failed Login Attempts | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 2.18 Implement Connection Delays to Limit Failed Login Attempts | CIS MySQL 8.0 Community Database L1 v1.1.0 | MySQLDB | ACCESS CONTROL |
| 2.18 Implement Connection Delays to Limit Failed Login Attempts | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 3.1 Ensure 'datadir' Has Appropriate Permissions | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1 Ensure 'datadir' Has Appropriate Permissions | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1 Ensure 'datadir' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | |
| 3.1 Ensure 'datadir' Has Appropriate Permissions | CIS MySQL 8.0 Enterprise Linux OS L1 v1.4.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7 Ensure SSL Key Files Have Appropriate Permissions | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure 'audit_log_file' Has Appropriate Permissions | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L1 MySQL OS Linux | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure 'audit_log_file' Has Appropriate Permissions | CIS MySQL 8.0 Enterprise Linux OS L1 v1.4.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.4 Ensure 'local_infile' Is Disabled | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| 4.4 Ensure 'local_infile' Is Disabled | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| 5.1 Block Pop-up Windows | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1 Ensure Only Administrative Users Have Full Database Access | CIS MariaDB 10.6 on Linux L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.1 Securely Authenticate Zone Transfers | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.10 Ensure Secure Keyboard Entry Terminal.app Is Enabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 5.10 Ensure Secure Keyboard Entry Terminal.app Is Enabled | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.1 Ensure 'log_error' is configured correctly | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure 'log_error' Is Not Empty | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure 'log_error' Is Not Empty | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.8 Ensure 'audit_log_policy' is Set to 'LOGINS' | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.9 Ensure All Statements and Connections are Logged - audit_log_connection_policy | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.9 Ensure All Statements and Connections are Logged - audit_log_policy | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.12 Set EEPROM Security Mode and Log Failed Access - SPARC only. Should *not* be 'security-mode=none'. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.3 Set Strong Password Creation Policies - Check HISTORY is set to 10 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/.login. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.7 Ensure No Anonymous Accounts Exist | CIS MySQL 8.0 Community Database L1 v1.1.0 | MySQLDB | ACCESS CONTROL |
| 7.7 Ensure No Anonymous Accounts Exist | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is not set to default string. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is set appropriately. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| GOOG-09-002300 - Google Android Pie must be configured to disable trust agents. Note: This requirement is not applicable (NA) for specific biometric authentication factors included in the products Common Criteria evaluation. | AirWatch - DISA Google Android 9.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-007200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 13 COBO v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-13-707200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 13 BYOD v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 14 COBO v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| KNOX-07-003300 - The Samsung must be configured to disable authentication mechanisms providing user access to protected data - Password | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-002300 - Zebra Android 10 must be configured to disable trust agents - NA for specific biometric authentication factors included in the products Common Criteria evaluation. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-002300 - Zebra Android 10 must be configured to disable trust agents - NA for specific biometric authentication factors included in the products Common Criteria evaluation. | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
