| 1.1.1 Enable 'aaa new-model' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | ACCESS CONTROL |
| 1.1.3 Enable 'aaa authentication enable default' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | ACCESS CONTROL |
| 1.1.3 Enable 'aaa authentication enable default' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
| 1.4.3.2 Ensure 'aaa authentication http console' is configured correctly | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | ACCESS CONTROL |
| 1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctly | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | ACCESS CONTROL |
| 1.4.3.5 Ensure 'aaa authentication ssh console' is configured correctly | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | ACCESS CONTROL |
| 1.4.4.1 Ensure 'aaa command authorization' is configured correctly | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | ACCESS CONTROL |
| 1.12 Ensure there is only one active access key for any single IAM user | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | ACCESS CONTROL |
| 2.2.26 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only) | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.27 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.27 Ensure 'Force shutdown from a remote system' is set to 'Administrators' - Administrators | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.3.4 (L2) Ensure 'Default third-party storage partitioning setting' Is Enabled and Blocked | CIS Google Chrome L2 v3.0.0 | Windows | ACCESS CONTROL |
| 2.4.2 Set AAA 'source-interface' | CIS Cisco IOS XE 16.x v2.1.0 L2 | Cisco | ACCESS CONTROL |
| 2.5 Do Not Reuse Usernames | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 2.12 Ensure that authorization for Docker client commands is enabled | CIS Docker v1.7.0 L2 Docker - Linux | Unix | ACCESS CONTROL |
| 2.13 Ensure the 'sa' Login Account is set to 'Disabled' | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL |
| 2.18 Implement Connection Delays to Limit Failed Login Attempts | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 7 v1.1.0 L1 MongoDB | Windows | ACCESS CONTROL |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 6 v1.2.0 L1 MongoDB | Windows | ACCESS CONTROL |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | ACCESS CONTROL |
| 3.10 Use Identity Aware Proxy (IAP) to Ensure Only Traffic From Google IP Addresses are 'Allowed' | CIS Google Cloud Platform v3.0.0 L2 | GCP | ACCESS CONTROL |
| 4.1.9 Avoid non-default bindings to system:unauthenticated | CIS Google Kubernetes Engine (GKE) v1.7.0 L1 | GCP | ACCESS CONTROL |
| 4.3 Review The Users Created Through Real Application Security | CIS Oracle Database 23ai v1.0.0 L1 RDBMS | OracleDB | ACCESS CONTROL |
| 4.4.2 Ensure lockout for failed password attempts is configured | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | ACCESS CONTROL |
| 5.2.4 Ensure SSH access is limited | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure Password Age Is Configured | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.2.10 Ensure SSH root login is disabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.2.17 Ensure SSH access is limited | CIS Debian Family Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - users | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.2 Ensure lockout for failed password attempts is configured - system-auth | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.5 Automatically lock the login keychain for inactivity | CIS Apple macOS 10.12 L2 v1.2.0 | Unix | ACCESS CONTROL |
| 5.5 Ensure root login is restricted to system console | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.5 Ensure root login is restricted to system console | CIS Debian Family Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.5 Ensure root login is restricted to system console | CIS Debian 9 Server L1 v1.0.1 | Unix | ACCESS CONTROL |
| 5.6 Database Manager Configuration Parameter: FED_NOAUTH | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 5.11 DB2CHGPWD_EEE Registry Variable | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 6.2.4 Ensure no legacy "+" entries exist in /etc/group | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | ACCESS CONTROL |
| 6.5 Restrict Access to the su Command - auth required pam_wheel.so use_uid' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 7.7 Ensure No Anonymous Accounts Exist | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| Catalina - Disable Guest Access to Shared Apple File Protocol Folders | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Guest Access to Shared Apple File Protocol Folders | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Guest Access to Shared Apple File Protocol Folders | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Guest Access to Shared SMB Folders | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Guest Access to Shared SMB Folders | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Guest Access to Shared SMB Folders | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Citrix ADC - System Parameters - Local Authentication | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
