| 1.13.2.4 Ensure 'Message Formats' is set to Enabled:S/MIME and Fortezza | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.6.2 (L1) Ensure 'Synchronize Outlook RSS Feeds with Common Feed List' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.10.4.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 4.11.36.4.2.1 (L2) Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 4.11.36.4.2.1 (L2) Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.35.1 (L1) Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.76.1.3 (L1) Ensure 'Notify Password Reuse' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.76.1.3 (L1) Ensure 'Notify Password Reuse' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.76.1.4 (L1) Ensure 'Notify Unsafe App' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.76.1.5 (L1) Ensure 'Service Enabled' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.76.1.5 (L1) Ensure 'Service Enabled' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.76.1.5 (L1) Ensure 'Service Enabled' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Do not allow drive redirection | MSCT Windows Server v1909 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows Server v2004 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v20H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 11 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows Server v20H2 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows Server v1909 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows Server 2019 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 1803 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 1809 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 1903 v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v21H1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v21H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v1507 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows Server 1903 DC v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 11 v24H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| O365-CO-000019 - The MIME Sniffing safety feature must be enabled in all Office programs. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'PCT 1.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 2.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 IIS6 - A private web server must utilize an approved TLS version. - 'TLS 1.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-CC-000285 - The Remote Desktop Session Host must require secure RPC communications. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL |
| WN11-CC-000280 - Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Microsoft Windows 11 STIG v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000285 - The Remote Desktop Session Host must require secure RPC communications. | DISA Microsoft Windows 11 STIG v2r3 | Windows | ACCESS CONTROL |
| WN12-CC-000096 - Passwords must not be saved in the Remote Desktop Client. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-CC-000099 - Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-CC-000099 - Remote Desktop Services must always prompt a client for passwords upon connection. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-CC-000130 - The Remote Desktop Session Host must require secure RPC communications. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-CC-000130 - The Remote Desktop Session Host must require secure RPC communications. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-CC-000136 - Only the default client printer must be redirected to the Remote Desktop Session Host. (Remote Desktop Services Role). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-CC-000400 - The Remote Desktop Session Host must require secure Remote Procedure Call (RPC) communications. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL |
| WN19-CC-000370 - Windows Server 2019 Remote Desktop Services must require secure Remote Procedure Call (RPC) communications. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL |
| WN22-CC-000370 - Windows Server 2022 Remote Desktop Services must require secure Remote Procedure Call (RPC) communications. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
