| 2.3.5.3 (L1) Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only) | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.5.3 (L1) Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.5.3 (L1) Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only) | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only) | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.3.13.1 (L1) Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.3.13.1 Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | ACCESS CONTROL |
| ARDC-CN-000010 - Adobe Reader DC must enable Enhanced Security in a Browser. | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARDC-CN-000030 - Adobe Reader DC must block access to Unknown Websites. | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_F5_BIG-IP_AFM_v2r2.audit from DISA F5 BIG-IP Advanced Firewall Manager v2r2 STIG | DISA F5 BIG-IP Advanced Firewall Manager STIG v2r2 | F5 | |
| DISA_F5_BIG-IP_APM_v2r4.audit from DISA F5 BIG-IP Access Policy Manager v2r4 STIG | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | |
| DISA_F5_BIG-IP_ASM_v2r2.audit from DISA F5 BIG-IP Application Security Manager v2r2 STIG | DISA F5 BIG-IP Application Security Manager STIG v2r2 | F5 | |
| DISA_F5_BIG-IP_LTM_v2r4.audit from DISA F5 BIG-IP Local Traffic Manager v2r4 STIG | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_DTR_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_UCP_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | |
| DISA_STIG_Microsoft_Excel_2010_v1r11.audit for Microsoft Excel 2010, from DISA STIG Microsoft Excel 2010 v1r11 | DISA STIG Office 2010 Excel v1r11 | Windows | |
| DISA_STIG_Microsoft_Publisher_2016_v1r3.audit for Microsoft Publisher 2016, from DISA STIG Microsoft Publisher 2016 v1r3 | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | |
| DISA_STIG_Splunk_Enterprise_8.x_for_Linux_OS_v2r3.audit from DISA Splunk Enterprise 8.x for Linux v2r3 STIG | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG OS | Unix | |
| DISA_STIG_VMware_vSphere_7.0_Photon_OS_v1r4.audit from DISA VMware vSphere 7.0 vCenter Appliance Photon OS v1r4 STIG | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Lookup_Service_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| Network security: LAN Manager authentication level | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: LAN Manager authentication level | MSCT Windows Server 2022 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: LAN Manager authentication level | MSCT Windows Server v20H2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: LAN Manager authentication level | MSCT Windows 11 v22H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: LAN Manager authentication level | MSCT Windows 11 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: LAN Manager authentication level | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: LAN Manager authentication level | MSCT Windows Server 2016 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: LAN Manager authentication level | MSCT Windows 11 v25H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: LAN Manager authentication level - LmCompatibilityLevel | MSCT Windows Server 2025 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network security: LAN Manager authentication level - LmCompatibilityLevel | MSCT Windows Server 2025 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-DC-000401 - Windows Server 2016 must be configured for name-based strong mappings for certificates. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL |
| WN22-DC-000405 - Windows Server 2022 must be configured for certificate-based authentication for domain controllers. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN25-DC-000405 - Windows Server 2025 must be configured for certificate-based authentication for domain controllers. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
| WN25-DC-000406 - Windows Server 2025 must be configured for name-based strong mappings for certificates. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
