| 1.2.9 - System account lockdown - 'bin login=false rlogin=false' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 1.2.9 - System account lockdown - 'daemon login=false rlogin=false' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 1.2.9 - System account lockdown - 'lpd login=false rlogin=false' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 1.2.9 - System account lockdown - 'nobody login=false rlogin=false' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 1.2.9 - System account lockdown - 'uucp login=false rlogin=false' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 1.03 Windows Oracle Domain Account - 'Use Restricted Service Account (RSA)' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | ACCESS CONTROL |
| 1.3.3 Ensure that the --use-service-account-credentials argument is set to true | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 1.3.3 Ensure that the --use-service-account-credentials argument is set to true | CIS Kubernetes v1.11.1 L1 Master Node | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 1.5 Configure 'Do not allow users to enable or disable add-ons' | CIS IE 10 v1.1.0 | Windows | ACCESS CONTROL |
| 1.05 Windows Oracle Domain Global Group - 'Create a global group for the RSA and make it the RSA's primary group' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | ACCESS CONTROL |
| 2.2 Give the BIND User Account an Invalid Shell | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | ACCESS CONTROL |
| 2.2 Give the BIND User Account an Invalid Shell | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | ACCESS CONTROL |
| 2.3.10.5 Ensure 'Network access: Let Everyone permissions apply to anonymous users' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps' | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.7.5 - SNMP - disable Readwrite community - 'no communities have readWrite set' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 2.16.3 - General permissions management - world writable files - 'no world writable directories exist' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 3.1 Configure 'Prevent deleting websites that the user has visited' | CIS IE 10 v1.1.0 | Windows | ACCESS CONTROL |
| 3.2 Configure 'Prevent Deleting Cookies' | CIS IE 10 v1.1.0 | Windows | ACCESS CONTROL |
| 3.5 Configure 'Prevent Deleting Temporary Internet Files' | CIS IE 10 v1.1.0 | Windows | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - dbAdminAnyDatabase | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - dbOwner | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - readWriteAnyDatabase | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.11 Block non-privileged mountd requests | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
| 4.01 init.ora - '_trace_file_public = FALSE' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | ACCESS CONTROL |
| 4.01 init.ora - '_trace_files_public = FALSE' | CIS v1.1.0 Oracle 11g OS L1 | Unix | ACCESS CONTROL |
| 4.2 Ensure All Sample Data And Users Have Been Removed | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 4.2 Ensure All Sample Data And Users Have Been Removed | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 4.4 Ensure 'Find My iPhone/iPad' is set to 'Enabled' on end-user owned devices | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 4.4 Ensure 'Find My iPhone/iPad' is set to 'Enabled' on end-user owned devices | MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 4.12 init.ora - 'sql92_security = TRUE' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 4.12 init.ora - 'sql92_security = TRUE' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 5.5 Ensure the Default CGI Content printenv Script Is Removed | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 5.6 Ensure the Default CGI Content test-cgi Script Is Removed | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 5.6 Ensure the Default CGI Content test-cgi Script Is Removed | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 5.6 Set 'Disable changing certificate settings' to 'Enabled' | CIS IE 10 v1.1.0 | Windows | ACCESS CONTROL |
| 6.4 Find world writable files | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
| 7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zone | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 8.1.31 Set 'Software channel permissions' to 'Enabled:High safety' | CIS IE 10 v1.1.0 | Windows | ACCESS CONTROL |
| 8.3.33 Set 'Software channel permissions' to 'Enabled:High safety' | CIS IE 10 v1.1.0 | Windows | ACCESS CONTROL |
| 9.1.1 (L1) Ensure guest user access is restricted | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 9.1.8 (L1) Ensure enabling of external data sharing is restricted | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 14.12 Screening router - 'Implement to restrict access to database host' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 18.9.7.1.2 (L1) Ensure 'Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| Enables or disables Windows Game Recording and Broadcasting | MSCT Windows 11 v23H2 v1.0.0 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| FireEye - AAA LDAP binding user should not be an admin | TNS FireEye | FireEye | ACCESS CONTROL |
| Network access: Let Everyone permissions apply to anonymous users | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Restrict anonymous access to Named Pipes and Shares | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Restrict anonymous access to Named Pipes and Shares | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
| Network access: Restrict anonymous access to Named Pipes and Shares | MSCT Windows Server v2004 DC v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Restrict anonymous access to Named Pipes and Shares | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
