| 1.128 WN16-CC-000400 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.129 WN19-CC-000360 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.129 WN19-CC-000360 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.130 WN19-CC-000370 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.130 WN22-CC-000370 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.131 WN19-CC-000380 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.156 WN10-CC-000270 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.158 WN10-CC-000280 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.159 WN10-CC-000285 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | ACCESS CONTROL |
| 1.246 WN22-SO-000390 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.246 WN22-SO-000390 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.6.2 (L1) Ensure 'Synchronize Outlook RSS Feeds with Common Feed List' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.10.4.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.29.2 Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.29.2 Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.10.1 Ensure 'Set time limit for active but idle Remote Desktop Services sessions' is set to 'Enabled: 15 minutes or less, but not Never (0)' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 | Windows | ACCESS CONTROL |
| 18.10.77.1.5 Ensure 'Service Enabled' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Do not allow drive redirection | MSCT Windows Server v20H2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 11 v24H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 11 v25H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| WG340 A22 - A private web server must utilize an approved TLS version - SSLEngine | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 A22 - A private web server must utilize an approved TLS version - SSLProtocol | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - '128-Bit Encryption Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'PCT 1.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'PCT 1.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 2.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 2.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 3.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 3.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'TLS 1.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-CC-000270 - Passwords must not be saved in the Remote Desktop Client. | DISA Microsoft Windows 10 STIG v3r6 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN10-CC-000285 - The Remote Desktop Session Host must require secure RPC communications. | DISA Microsoft Windows 10 STIG v3r6 | Windows | ACCESS CONTROL |
| WN11-CC-000270 - Passwords must not be saved in the Remote Desktop Client. | DISA Microsoft Windows 11 STIG v2r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000280 - Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Microsoft Windows 11 STIG v2r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-CC-000096 - Passwords must not be saved in the Remote Desktop Client. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-CC-000099 - Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-CC-000130 - The Remote Desktop Session Host must require secure RPC communications. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-CC-000130 - The Remote Desktop Session Host must require secure RPC communications. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-CC-000136 - Only the default client printer must be redirected to the Remote Desktop Session Host. (Remote Desktop Services Role). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-CC-000390 - Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-CC-000370 - Windows Server 2019 Remote Desktop Services must require secure Remote Procedure Call (RPC) communications. | DISA Microsoft Windows Server 2019 STIG v3r8 | Windows | ACCESS CONTROL |
| WN22-CC-000370 - Windows Server 2022 Remote Desktop Services must require secure Remote Procedure Call (RPC) communications. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | ACCESS CONTROL |
| WN25-CC-000360 - Windows Server 2025 Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN25-CC-000370 - Windows Server 2025 Remote Desktop Services must require secure Remote Procedure Call (RPC) communications. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
