| 1.1.19 Ensure that the --authorization-mode argument is not set to AlwaysAllow | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.32 Ensure that the --authorization-mode argument includes Node | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.3.4.2 Set 'Configure Offer Remote Assistance' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.9 Ensure 'Developer Options' is set to 'Disabled' | AirWatch - CIS Google Android v1.3.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.1.4 Ensure that the --read-only-port argument is set to 0 | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.6 Ensure LDAP server is not enabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.9 Ensure FTP Server is not enabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.13 Ensure HTTP Proxy Server is not enabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.14 Ensure SNMP Server is not enabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.19 Ensure tftp server is not enabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.6 Ensure LDAP server is not enabled | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.7 Ensure NFS and RPC are not enabled - RPC | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Ensure that User-ID is only enabled for internal trusted interfaces | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Ensure that User-ID is only enabled for internal trusted interfaces | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Ensure that 'Include/Exclude Networks' is used if User-ID is enabled | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Ensure that 'Include/Exclude Networks' is used if User-ID is enabled | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.2 Ensure SCTP is disabled | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3 Ensure RDS is disabled | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hosts | CIS Amazon Linux v2.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hosts | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.5 Ensure remote syslog-ng messages are only accepted on designated log hosts | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.8 Ensure at/cron is restricted to authorized users - at.deny does not exist | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.1.8 Ensure at/cron is restricted to authorized users - cron.deny | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.8 Ensure at/cron is restricted to authorized users - cron.deny does not exist | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 6.2.12 Ensure no users have .netrc files | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.14 Ensure no users have .rhosts files | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/at.deny does not exist. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/cron.deny does not exist. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.13 Restrict at/cron to Authorized Users - /etc/cron.d/at.deny | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6.13 Restrict at/cron to Authorized Users - /etc/cron.d/at.deny | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 6.13 Restrict at/cron to Authorized Users - /etc/cron.d/at.deny | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.deny | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.deny | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.deny | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.1.8 Restrict at/cron to Authorized Users - /etc/at.deny | CIS Debian Linux 7 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 9.1.8 Restrict at/cron to Authorized Users - /etc/at.deny | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.1.8 Restrict at/cron to Authorized Users - /etc/cron.deny | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.1.8 Restrict at/cron to Authorized Users - /etc/cron.deny | CIS Debian Linux 7 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 9.4 Disable the HTTP Statistics Server | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 9.19 Check for Presence of User .netrc Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.20 Check for Presence of User .netrc Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.20 Check for Presence of User .netrc Files | CIS Solaris 11 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.20 Check for presence of user .netrc files - Checks for the presence of .netrc files in home directories. | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 13.18 Check for Presence of User .netrc Files | CIS Debian Linux 7 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 13.18 Check for Presence of User .netrc Files | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 18.8.7.2 Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.8.7.2 Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.8.36.1 Ensure 'Configure Offer Remote Assistance' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.8.36.1 Ensure 'Configure Offer Remote Assistance' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| Ensure remote syslog-ng messages are only accepted on designated log hosts | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
