| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.9 Ensure noexec option set on /var/tmp partition | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.9 Ensure noexec option set on /var/tmp partition | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.16 Add noexec Option to /dev/shm Partition | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.16 Ensure noexec option set on /dev/shm partition | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.16 Ensure noexec option set on /dev/shm partition | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.19 Ensure noexec option set on removable media partitions | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.19 Ensure noexec option set on removable media partitions | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1.3 Ensure 'Allow managed apps to store data in iCloud' is set to 'Disabled' | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.4 Ensure 'Allow iCloud backup' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.5 Ensure 'Allow iCloud documents & data' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.14 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled' | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.14 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 3.029 - Print driver installation privilege is not restricted to administrators. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.17 Ensure HTTP Header Referrer-Policy is set appropriately | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.060 - Media Player must be configured to prevent automatic checking for updates. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.128 - Search Companion prevented from automatically downloading content updates. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.131 - Windows is prevented from using Windows Update to search for drivers. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.211 - Driver Install - Device Driver Search Prompt | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.242 - Windows Installer - User Control | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.243 - Windows Installer - Vendor Signed Updates | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.250 - Unsigned gadgets must not be installed. - TurnOffUnsignedGadgets | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.251 - The More Gadgets link must be disabled. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.252 - User-installed gadgets must be turned off. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 6.1.1 Ensure Show All Filename Extensions Setting is Enabled | CIS Apple macOS 14.0 Sonoma v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Ensure Show All Filename Extensions Setting is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 9.22 Find SUID/SGID System Executables | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 18.10.15.8 (L1) Ensure 'Toggle user control over Insider builds' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.8 (L1) Ensure 'Toggle user control over Insider builds' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.8 Ensure 'Toggle user control over Insider builds' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.8 Ensure 'Toggle user control over Insider builds' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 20.3 (L1) Ensure 'Microsoft Internet Explorer is not installed on the system' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| APPL-11-002067 - The macOS system must prohibit user installation of software without explicit privileged status. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002067 - The macOS system must prohibit user installation of software without explicit privileged status. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-005080 The macOS system must prohibit user installation of software into /users/. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005080 - The macOS system must prohibit user installation of software into /users/. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| CD12-00-008400 - PostgreSQL must prohibit user installation of logic modules (functions, trigger procedures, views, etc.) without explicit privileged status. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-R2-001270 - Rancher RKE2 must prohibit the installation of patches, updates, and instantiation of container images without explicit privileged status. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| EPAS-00-008400 - The EDB Postgres Advanced Server must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| EX19-MB-000194 - The Exchange application directory must be protected from unauthorized access. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| FGFW-ND-000145 - The FortiGate device must prohibit installation of software without explicit privileged status. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| MADB-10-007800 - MariaDB must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MD4X-00-005300 - MongoDB must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
| MD7X-00-007700 MongoDB must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| MD7X-00-007700 MongoDB must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | MongoDB | CONFIGURATION MANAGEMENT |
| WINCC-000001 - The Windows Installer Always install with elevated privileges must be disabled. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
