| 1.1.3 (L1) Ensure that between two and four global admins are designated | CIS Microsoft 365 Foundations v4.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| 2.2.26 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only) | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 3.10 Secure MySQL Keyring - keyring_file_data_path | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 - System Administration Methods - CLI Session Timeout | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | |
| 4.1 Create a user for the container | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 4.1 Create a user for the container | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 4.1 Create a user for the container | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Database 23ai v1.0.0 L1 RDBMS | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Device is not Obviously Jailbroken | AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 4.1 Ensure device is not obviously jailbroken | AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 4.1 Ensure device is not obviously jailbroken | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 4.1 Ensure device is not obviously jailbroken | AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 4.1 Ensure device is not obviously jailbroken | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure device is not obviously jailbroken | AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure device is not obviously jailbroken | MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure Device is not Obviously Jailbroken | MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 4.1 Ensure Device is not Obviously Jailbroken | AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 4.1 Ensure Device is not Obviously Jailbroken | MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 4.1 Ensure device is not obviously jailbroken | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure device is not obviously jailbroken | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure that logging is enabled. - logback.xml | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1 Restrict Core Dumps - 'hard core 0' | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.2 Enable Auditing of Incoming Network Connections | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.9 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES' | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.9 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES' | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.1 Do not disable AppArmor Profile | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 5.1 MultiStore - 'MultiStore protocol is disabled' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.1.4 Ensure an Inventory of Administrator accounts is established and maintained | CIS IBM AIX 7 v1.0.0 L1 | Unix | ACCESS CONTROL |
| 5.3.3 Ensure server parameter 'audit_log_enabled' is set to 'ON' for MySQL flexible server | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | AUDIT AND ACCOUNTABILITY |
| 8.3 Set Maximum Connection Limits for Server and per User | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 8.3 Set Maximum Connection Limits for Server and per User | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 8.3 Set Maximum Connection Limits for Server and per User | CIS MySQL 8.0 Community Database L1 v1.1.0 | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3 Set Maximum Connection Limits for Server and per User | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.4 Ensure 'super_priv' Is Not Set to 'Y' for Replication Users | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| GOOG-10-002300 - Google Android 10 must be configured to disable trust agents. Note: This requirement is not applicable (NA) for specific biometric authentication factors included in the products Common Criteria evaluation - NA for specific biometric authentication factors included in the products Common Criteria evaluation. | AirWatch - DISA Google Android 10.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| MSFT-11-002300 - Microsoft Android 11 must be configured to disable trust agents. Note: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation - NA for specific biometric authentication factors included in the products Common Criteria evaluation. | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MYS8-00-007500 - The MySQL Database Server 8.0 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| ZEBR-11-002300 - Zebra Android 11 must be configured to disable trust agents - NA for specific biometric authentication factors included in the products Common Criteria evaluation. | AirWatch - DISA Zebra Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
