| 1.2 Ensure Snowflake SCIM integration is configured to automatically provision and deprovision users and groups (i.e. roles) | CIS Snowflake Foundations v1.0.0 L2 | Snowflake | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.3.3 Ensure that the --use-service-account-credentials argument is set to true | CIS Kubernetes v1.11.1 L1 Master Node | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 2.2 Give the BIND User Account an Invalid Shell | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | ACCESS CONTROL |
| 2.2 Give the BIND User Account an Invalid Shell | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - dbAdminAnyDatabase | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - dbOwner | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - readWriteAnyDatabase | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 4.2 Ensure All Sample Data And Users Have Been Removed | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 4.2 Ensure All Sample Data And Users Have Been Removed | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.5 Minimize the admission of containers with allowPrivilegeEscalation | CIS Red Hat OpenShift Container Platform v1.7.0 L1 | OpenShift | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6 Minimize the admission of root containers | CIS Red Hat OpenShift Container Platform v1.7.0 L2 | OpenShift | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 5.5 Ensure the Default CGI Content printenv Script Is Removed | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 5.6 Ensure the Default CGI Content test-cgi Script Is Removed | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 5.6 Ensure the Default CGI Content test-cgi Script Is Removed | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 18.9.7.1.2 (L1) Ensure 'Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| Back up files and directories | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Create a pagefile | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Create a pagefile | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Create a token object | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Create a token object | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Create a token object | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Create global objects | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Create global objects | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Create permanent shared objects | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Create permanent shared objects | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Create permanent shared objects | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Debug programs | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Debug programs | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Debug programs | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on locally | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enable computer and user accounts to be trusted for delegation | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Impersonate a client after authentication | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Lock pages in memory | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Lock pages in memory | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Manage auditing and security log | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Modify firmware environment values | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Modify firmware environment values | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Modify firmware environment values | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Let Everyone permissions apply to anonymous users | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Restrict anonymous access to Named Pipes and Shares | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Restrict anonymous access to Named Pipes and Shares | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
| Network access: Restrict anonymous access to Named Pipes and Shares | MSCT Windows Server v2004 DC v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Restrict anonymous access to Named Pipes and Shares | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Profile single process | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Replace a process level token | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Restore files and directories | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Restore files and directories | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Restore files and directories | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
