| 1.1.6 Ensure that the --insecure-port argument is set to 0 | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.2 Ensure daytime services are not enabled - daytime-dgram | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Ensure discard services are not enabled - discard-stream | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.4 Ensure echo services are not enabled - echo-dgram | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.4 Ensure echo services are not enabled - echo-stream | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.5 Ensure time services are not enabled - time-stream | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.7 Ensure talk server is not enabled | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.9 Ensure rsync service is not enabled | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.12 Ensure Samba is not enabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.16 Ensure NIS Server is not enabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.16 Ensure nfs-utils is not installed or the nfs-server service is disabled | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.6 Restrict Published Information (if publishing is required) - publish-workstation=no | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Restrict Recursive Queries - Caching Name Server | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4 Disable Print Server - CUPS | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3 Ensure RDS is disabled | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3 Ensure RDS is disabled | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3 Ensure RDS is disabled | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.8 Disable NFS and RPC - nfslock | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.8 Disable NFS and RPC - portmap | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts - $ModLoad imtcp | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.6.3 Disable RDS | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.8 Ensure cron is restricted to authorized users - /etc/cron.deny | CIS CentOS 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.2.6 Accept Remote rsyslog Messages Only on Designated Log Hosts - $ModLoad imtcp.so | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.10 (L2) Ensure 'Microsoft iSCSI Initiator Service (MSiSCSI)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.12 (L2) Ensure 'Peer Networking Grouping (p2psvc)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.14 (L2) Ensure 'PNRP Machine Name Publication Service (PNRPAutoReg)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.16 (L2) Ensure 'Remote Access Auto Connection Manager (RasAuto)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.17 (L2) Ensure 'Remote Desktop Configuration (SessionEnv)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.18 (L2) Ensure 'Remote Desktop Services (TermService)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.22 (L1) Ensure 'Routing and Remote Access (RemoteAccess)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.25 (L2) Ensure 'SNMP Service (SNMP)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.28 (L1) Ensure 'UPnP Device Host (upnphost)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.33 (L2) Ensure 'Windows Remote Management (WS-Management) (WinRM)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.33 (L2) Ensure 'Windows Remote Management (WS-Management) (WinRM)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.34 (L1) Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 6.2.12 Ensure no users have .forward files | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.3.3 Use pam_deny.so to Deny Services - auth requisite pam_deny.so /etc/pam.d/sshd | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOndomain | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOnPublicNet | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.10.1 (L2) Ensure 'Turn off Microsoft Peer-to-Peer Networking Services' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableInBand802DOT11Registrar | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.37.2 (L1) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 18.8.52.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 18.9.59.3.3.4 (L2) Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v21H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows Server 1903 DC v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v1507 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Ensure rsh server is not enabled - rexec | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure rsh server is not enabled - rlogin | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure rsh server is not enabled - rsh | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
