| 1.2.10 Set 'transport input none' for 'line aux 0' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.6.1 Disable Telnet Access | CIS Cisco IOS XR 7.x v1.0.0 L1 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.9.1 Ensure 'Enable Gamer Mode' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.11.2 (L1) Ensure 'Guided Switch Enabled' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.25.3 (L1) Ensure 'Enable Microsoft Defender SmartScreen DNS requests' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.26.1 (L1) Ensure 'Disable Bing chat entry-points on Microsoft Edge Enterprise new tab page' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.33 (L1) Ensure 'Allow importing of autofill form data' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.134 (L1) Ensure 'Wallet Donation Enabled' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.2 Enable Auditing of Incoming Network Connections | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.11 Ensure sshd KexAlgorithms is configured | CIS Red Hat EL8 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.11 Ensure sshd KexAlgorithms is configured | CIS Rocky Linux 8 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.11 Ensure sshd KexAlgorithms is configured | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.12 Ensure sshd KexAlgorithms is configured | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.12 Ensure sshd KexAlgorithms is configured | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Enable Auditing of File Metadata Modification Events | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.7.3.9 Ensure sshd KexAlgorithms is configured | CIS IBM AIX 7 v1.0.0 L1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.1 Ensure 'sslEnabled' is set to 'true' within the CSIv2 Transport Layer | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.5 Ensure sshd KexAlgorithms is configured | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.5 Ensure sshd KexAlgorithms is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.5 Ensure sshd KexAlgorithms is configured | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.1 Ensure 'sslEnabled' is set to 'true' within the CSIv2 TransportLayer - needsReview/Zech | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used | CIS Debian 8 Workstation L1 v2.0.2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - sshd | CIS CentOS 6 Server L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - sshd_config | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.18 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.18 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.18 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.18 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.3 (L1) Ensure email from external senders is identified | CIS Microsoft 365 Foundations v4.0.0 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 6.10.1.10 Ensure Only Suite B Key Exchange Methods are set for SSH - key-exchange restriction | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| ARST-RT-000760 - The PE router providing MPLS Virtual Private Wire Service (VPWS) must be configured to have the appropriate virtual circuit identification (VC ID) for each attachment circuit. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | CONTINGENCY PLANNING |
| Authentication with Exchange Server | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Authentication with Exchange Server | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Authentication with Exchange Server | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000010 - The Cisco router must be configured to limit the number of concurrent management sessions to an organization-defined number. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | ACCESS CONTROL |
| CISC-RT-000230 - The Cisco switch must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication. | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000230 - The Cisco switch must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000392 - The Cisco perimeter router must be configured to drop IPv6 undetermined transport packets. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000392 - The Cisco perimeter switch must be configured to drop IPv6 undetermined transport packets. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Dont allow Dynamic Data Exchange (DDE) server launch in Excel | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| EDGE-00-000001 - User control of proxy settings must be disabled. | DISA STIG Edge v2r2 | Windows | ACCESS CONTROL |
| EDGE-00-000006 - Background processing must be disabled. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EDGE-00-000068 - FriendlyURLs must be disabled. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| JUEX-RT-000950 - The Juniper PE router providing MPLS Virtual Private Wire Service (VPWS) must be configured to have the appropriate virtual circuit identification (VC ID) for each attachment circuit. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
