| 1.1 Create local-settings.js file - general.config.filename | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | ACCESS CONTROL |
| 1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL |
| 1.4 Configure 'Do not allow users to enable or disable add- ons' | CIS IE 9 v1.0.0 | Windows | ACCESS CONTROL |
| 1.10 Limit the number of users with ACCOUNTADMIN and SECURITYADMIN | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | ACCESS CONTROL |
| 2.1.3 Ensure chrony is not run as the root user | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL |
| 2.1.3 Ensure chrony is not run as the root user | CIS Rocky Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL |
| 2.2 Configure the ESXi host firewall to restrict access to services running on the host | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
| 2.2 Configure the ESXi host firewall to restrict access to services running on the host | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 2.3.3 Ensure chrony is not run as the root user | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL |
| 2.3.3 Ensure chrony is not run as the root user | CIS Rocky Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 2.3.3 Ensure chrony is not run as the root user | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 3.1 Configure 'Prevent Deleting Cookies' | CIS IE 9 v1.0.0 | Windows | ACCESS CONTROL |
| 3.11 Ensure 'encryption providers' are locked down | CIS IIS 8.0 v1.5.1 Level 2 | Windows | ACCESS CONTROL |
| 3.11 Ensure 'encryption providers' are locked down | CIS IIS 7 L2 v1.8.0 | Windows | ACCESS CONTROL |
| 4 - Restrict access to $JETTY_HOME - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 4.1 Create a user for the container | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 4.2 Restrict access to $CATALINA_BASE | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.3 Restrict access to Tomcat configuration directory | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.3 Restrict access to Tomcat configuration directory | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 4.5.4 Ensure 'ALL' Is Revoked from Unauthorized 'GRANTEE' on 'SYS.USER$' | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | ACCESS CONTROL |
| 4.8 Ensure Handler is not granted Write and Script/Execute - Default | CIS IIS 7 L1 v1.8.0 | Windows | ACCESS CONTROL |
| 4.10 Restrict access to Tomcat context.xml | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 5.1 Set Sticky Bit on World Writable Directories | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.1.3 Check System folder for world writable files | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.4 CIFS - 'cifs.restrict_anonymous = 2' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 5.6 Set 'Disable changing certificate settings' to 'Enabled' | CIS IE 11 v1.0.0 | Windows | ACCESS CONTROL |
| 5.7 Do not enable the 'root' account | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.8 Do not enable the 'root' account - root account | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.12 Restrict Access to SYSCAT.SECURITYPOLICIES | CIS IBM DB2 v10 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL |
| 6.19 Restrict Access to SYSCAT.SCHEMATA | CIS IBM DB2 v10 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL |
| 6.20 Restrict Access to SYSCAT.SEQUENCEAUTH | CIS IBM DB2 v10 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL |
| 7.1 Disable System Accounts - Ensure account 'gdm' is locked. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - Ensure account 'sys' disallows password login | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - should pass if the default shell for 'lp' is set to /usr/bin/false. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - should pass if the default shell for 'uucp' is set to /usr/bin/false. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.1 Restrict runtime access to sensitive packages | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 8.2 Restrict access to starting and stopping the DB2 administration server | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | ACCESS CONTROL |
| 8.5.2 Ensure anonymous users and dial-in callers can't start a meeting | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | ACCESS CONTROL |
| 9.6 Ensure root PATH Integrity - writeable dir in path | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.22 Find World Writable Files | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 10.14 Do not allow symbolic linking | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 12.7 Find World Writable Files | CIS Debian Linux 7 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 18 - Restrict access to context.xml - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 18 - Restrict access to context.xml - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 18.4.9 (L1) Ensure 'Remove 'Run as Different User' from context menus' is set to 'Enabled (recommended)' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL |
| 20.29 Ensure 'FTP servers are configured to prevent access to the system drive' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 20.51 Ensure 'Permissions for the system drive root directory must conform to minimum requirements' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 20.51 Ensure 'Permissions for the system drive root directory must conform to minimum requirements' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 21 - Restrict access to users.xml - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 45 - Restrict runtime access to sensitive packages | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
