| 1.6.2 Ensure 'SSH version 2' is enabled | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0' | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.1 Ensure 'Ad Hoc Distributed Queries' Server Configuration Option is set to '0' | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.1 Ensure chargen services are not enabled | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.1.2 Ensure systemd-timesyncd is configured - systemctl | CIS Debian Family Workstation L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.1.3 Ensure chrony is configured - timesyncd masked | CIS Debian Family Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.5 Ensure time services are not enabled | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.7 Ensure talk server is not enabled - ntalk | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.10 Ensure xinetd is not enabled | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.11 Ensure IMAP and POP3 server are not installed | CIS Debian Family Workstation L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.3 Ensure Avahi Server is not enabled | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.5 Ensure DHCP Server is not enabled | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.5 Ensure DHCP Server is not enabled - isc-dhcp-server6 | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.6 Ensure LDAP Server is not enabled | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.6 Ensure RPC is not installed | CIS Debian Family Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.7 Ensure NFS and RPC are not enabled - NFS | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.7 Ensure NFS and RPC are not enabled - nfs-server | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.8 Ensure DNS Server is not enabled | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.9 Ensure FTP Server is not enabled | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.9 Ensure FTP Server is not enabled | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.10 Ensure HTTP server is not enabled | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure IMAP and POP3 server is not enabled | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure IMAP and POP3 server is not enabled | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.13 Ensure HTTP Proxy Server is not enabled | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.14 Ensure SNMP Server is not enabled | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.16 Ensure rsync service is not enabled | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.17 Ensure NIS Server is not enabled | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure the Status Module Is Disabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0' | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.11 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'Named Pipes protocol is disabled' | CIS SQL Server 2008 R2 DB OS L1 v1.7.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.16 Ensure 'xp_cmdshell' Server Configuration Option is set to '0' | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.1 Ensure DCCP is disabled - lsmod | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.1 Ensure DCCP is disabled - modprobe | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - lsmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - modprobe | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.4.4 Ensure TIPC is disabled - lsmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.4 Ensure TIPC is disabled - modprobe | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.2 Ensure SCTP is disabled - modprobe | CIS Debian Family Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.3 Ensure RDS is disabled - modprobe | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts. - InputTCPServerRun 514 | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.1 Ensure cron daemon is enabled | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.1 Ensure cron daemon is enabled and running - is-enabled | CIS Debian Family Workstation L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.8 Ensure the HTTP TRACE Method Is Disabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf <VirtualHost> RewriteEngine = on' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf RewriteCond = %{THE_REQUEST} !HTTP/1.1$' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'RewriteEngine on' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.12 Ensure IP Address Based Requests Are Disallowed - Rewrite module not loaded | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.13 Ensure the IP Addresses for Listening for Requests Are Specified - 'httpd.conf Listen [::ffff:0.0.0.0]:80 does not exists' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.2.7 Ensure no users have .netrc files | CIS Debian Family Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 8.1 Ensure 'SQL Server Browser Service' is configured correctly | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
