| 1.1 Create local-settings.js file - general.config.obscure | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.3.2.1.2 Ensure 'Disable all trusted locations' is set to Enabled | CIS Microsoft Office Access 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.5.1.1 Ensure 'Internet and Network Paths as Hyperlinks' is set to Disabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.6.2 Ensure 'Default File Format' is set to Enabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.2.4 Ensure 'Document Behavior if File Validation Fails' is set to Enabled (Open in Protected View/Unchecked for 'Do not allow edit') | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.3.2 Ensure 'Disabled all Trusted Locations' is set to Enabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.5.1 Ensure 'Default file format' is set to Enabled (PowerPoint Presentation (*pptx)) | CIS Microsoft Office PowerPoint 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.6.6 Ensure 'Turn Off File Validation' is set to Disabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.7.1.2 Ensure local login warning banner is configured properly - mrsv | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.5.2 (L1) Ensure 'Domain controller: Allow vulnerable Netlogon secure channel connections' is set to 'Not Configured' (DC Only) | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.3.5.2 (L1) Ensure 'Domain controller: Allow vulnerable Netlogon secure channel connections' is set to 'Not Configured' (DC Only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.12 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.12 Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' - local users authenticate as themselves' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.13 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.2 Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 3.1.1 (L2) Ensure 'Default cookies setting' is set to 'Enabled: Keep cookies for the duration of the session' | CIS Google Chrome L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.2 (L1) Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.4.2 (L1) Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.4.2 (L1) Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.4.2 Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.4 (L1) Ensure 'Configure RPC connection settings: Use authentication for outgoing RPC connections' is set to 'Enabled: Default' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.4 (L1) Ensure 'Configure RPC connection settings: Use authentication for outgoing RPC connections' is set to 'Enabled: Default' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.5 (L1) Ensure 'Configure RPC listener settings: Protocols to allow for incoming RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.5 (L1) Ensure 'Configure RPC listener settings: Protocols to allow for incoming RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.11 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.11 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.7.13 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.8.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.8.28.1 Ensure 'Block user from showing account details on sign-in' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.27.1 (L2) Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.27.1 (L2) Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.27.1 (L2) Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.27.1 (L2) Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.27.1 (L2) Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.27.1 Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 18.10.14.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.14.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 20.18 Ensure 'Directory data (outside the root DSE) of a non-public directory is configured' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.36 Ensure 'Members of the Backup Operators group have separate accounts for backup duties and normal operational tasks' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| Enable browser legacy extension point blocking | MSCT Edge v127 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enable browser legacy extension point blocking | MSCT Edge v128 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specifies whether SharedArrayBuffers can be used in a non cross-origin-isolated context | MSCT Edge v127 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
