| 1.3 Disable all management related services on WAN port | CIS Fortigate 7.0.x v1.3.0 L1 | FortiGate | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.2.31 Ensure 'Deny log on through Remote Desktop Services' is set to 'Guests, Local account' (MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.3 Ensure authentication is enabled in the sharded cluster - authenticationMechanisms | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - CAFile | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - clusterAuthMode | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - clusterFile | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.8.1 Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.11 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only) | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.10.13 Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | ACCESS CONTROL |
| 2.3.10.13 Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.10.13 Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.10.13 Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.10.13 Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' (MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.11.3 Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption) | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Configure Solaris Auditing - active audit policies = argv,cnt,zonename | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active non-attributable flags = lo | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active non-attributable flags = lo | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit condition = auditing | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile (active) | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile attributes: p_minfree=1; | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile attributes: p_minfree=1; | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_flags root = lo,ad,ft,ex,cis:no | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_flags root = lo,ad,ft,ex,cis:no | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured audit policies = argv,cnt,zonename | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured audit policies = argv,cnt,zonename | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured non-attributable flags = lo | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - var/audit/*.not_terminated.* | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - var/audit/*.not_terminated.* | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Ensure Encryption of Data at Rest | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Ensure that system activity is audited | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.4 (L1) Ensure standard processes are used for VM deployment | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 49.22 (L1) Ensure 'Network Security: Allow PKU2U authentication requests' is set to 'Block' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - EncryptionMethodWithXtsFdv | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - EncryptionMethodWithXtsFdv | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) - EncryptionMethodWithXtsRdv | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_Palo_Alto_Firewall_8_Benchmark_L1_v1.0.0.audit from CIS Palo Alto Firewall 8 Benchmark v1.0.0 | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | |
