| 1.1.4.6 Set 'Increase scheduling priority' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.17 Set 'Modify firmware environment values' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.22 Set 'Profile system performance' to 'NT SERVICE\WdiServiceHost,Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.28 Set 'Manage auditing and security log' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.38 Set 'Load and unload device drivers' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.4.2 Ensure bootloader password is set | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.2 Ensure bootloader password is set | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.3 Ensure authentication required for single user mode - rescue.service | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1 Ensure permissions on bootloader config are configured | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.2 Ensure bootloader password is set - 'passwd_pbkdf2' | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.4 Ensure permissions on /etc/motd are configured | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.8.1.5 Ensure permissions on /etc/issue are configured | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure 'Adjust memory quotas for a process' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.9 Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE, Users' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.28 Ensure 'Log on as a batch job' is set to 'Administrators' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.34 (L1) Ensure 'Profile single process' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.37 (L1) Ensure 'Restore files and directories' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.39 (L1) Ensure 'Take ownership of files or other objects' is set to 'Administrators' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.17.3 (L1) Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation requests' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 3.3.4 Ensure permissions on /etc/hosts.allow are configured | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.4.5 Ensure permissions on /etc/hosts.deny are configured | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.8 Ensure only the default permissions specified by Microsoft are granted to the public server role | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | ACCESS CONTROL |
| 4.1.16 Ensure system administrator actions (sudolog) are collected - auditctl | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.4 Ensure rsyslog default file permissions configured | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.1 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Network' Packages - Network Packages | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Encryption' Packages - Encryption Packages | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Job Scheduler' Packages | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Job Scheduler' Packages | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.6 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'SQL Injection Helper' Packages | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.1.5 Ensure permissions on /etc/cron.weekly are configured | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.1.6 Ensure permissions on /etc/cron.monthly are configured | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.1.7 Ensure permissions on /etc/cron.d are configured | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | ACCESS CONTROL |
| 5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.4 Ensure 'EXECUTE ANY PROCEDURE' Is Revoked from 'DBSNMP' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.10 Ensure 'CREATE PROCEDURE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.10 Ensure 'CREATE PROCEDURE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.12 Ensure 'CREATE ANY LIBRARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.15 Ensure 'GRANT ANY ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.2 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.6 Ensure root login is restricted to system console | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.6 Ensure root login is restricted to system console | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.6 Ensure root login is restricted to system console | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.7 Ensure access to the su command is restricted - pam_wheel.so | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.7 Ensure access to the su command is restricted - wheel group contains root | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
| 6.1.13 Audit SUID executables | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 6.1.14 Audit SGID executables | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.6 Ensure root is the only UID 0 account | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.7 Ensure root PATH Integrity | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.3 Set Default Group for root Account | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
