| 1.1.4.10 Set 'Create global objects' to 'Administrators, SERVICE, LOCAL SERVICE, NETWORK SERVICE' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.17 Set 'Modify firmware environment values' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.21 Set 'Deny log on locally' to 'Guests' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.23 Set 'Restore files and directories' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.33 Configure 'Deny log on as a service' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.36 Set 'Allow log on locally' to 'Administrators, Users' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.37 Set 'Lock pages in memory' to 'No One' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.40 Set 'Replace a process level token' to 'Local Service, Network Service' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.3.3 Ensure that the --use-service-account-credentials argument is set to true | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Remote Desktop Users' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.3 Ensure 'Act as part of the operating system' is set to 'No One' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.16 Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.16 Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.19 Ensure 'Deny log on locally' to include 'Guests' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.21 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.25 Ensure 'Increase scheduling priority' is set to 'Administrators' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.29 Configure 'Log on as a service' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.35 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.36 Ensure 'Replace a process level token' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.38 Ensure 'Shut down the system' is set to 'Administrators, Users' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.38 Ensure 'Shut down the system' is set to 'Administrators, Users' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.7.1 Ensure 'Notification Settings' are configured for all 'Managed Apps' | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 4.4 Ensure 'Find My iPhone/iPad' is set to 'Enabled' on end-user owned devices | AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| Access Credential Manager as a trusted caller | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Access this computer from the network | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow log on locally | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow log on locally | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Big Sur - Enable Recovery Lock | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Enable Recovery Lock | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Create a pagefile | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Create a token object | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Create permanent shared objects | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Debug programs | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Deny access to this computer from the network | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Enable computer and user accounts to be trusted for delegation | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Force shutdown from a remote system | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Force shutdown from a remote system | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Impersonate a client after authentication | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Load and unload device drivers | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Load and unload device drivers | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Load and unload device drivers | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Manage auditing and security log | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Modify firmware environment values | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Modify firmware environment values | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Modify firmware environment values | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Profile single process | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
