| 1.2.11 Set 'transport input none' for 'line aux 0' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
| 1.5.1 (L1) Ensure 'Configure Edge Website Typo Protection' is set to 'Enabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.17.1 (L1) Ensure 'Enable saving passwords to the password manager' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.35 (L1) Ensure 'Allow importing of home page settings' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.38 (L1) Ensure 'Allow importing of search engine settings' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.70 (L1) Ensure 'Configure the Share experience' is set to 'Enabled: Don't allow using the Share experience' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.84 (L1) Ensure 'Enable AutoFill for addresses' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.91 (L2) Ensure 'Enable Drop feature in Microsoft Edge' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 1.92 (L1) Ensure 'Enable Follow service in Microsoft Edge' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.97 (L1) Ensure 'Enable resolution of navigation errors using a web service' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.99 (L1) Ensure 'Enable security warnings for command-line flags' is set to 'Enabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.101 (L1) Ensure 'Enable tab organization suggestions' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.1.6 (L1) Ensure Exchange Online Spam Policies are set to notify administrators | CIS Microsoft 365 Foundations v4.0.0 L1 E3 | microsoft_azure | INCIDENT RESPONSE |
| 2.1.6 (L1) Ensure Exchange Online Spam Policies are set to notify administrators | CIS Microsoft 365 Foundations v4.0.0 L1 E5 | microsoft_azure | INCIDENT RESPONSE |
| 2.2.4.7.2.1.3 Ensure 'Don't allow Dynamic Data Exchange (DDE) server lookup in Excel' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.34 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.2.35 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.37 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.38 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.38 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.49 Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.49 Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.50 Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.50 Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.5.14.3.19 (L1) Ensure 'Enable RPC encryption' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.12 Limit Accepted Transport Layer Security (TLS) Versions | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.12 Limit Accepted Transport Layer Security (TLS) Versions | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.15 Limit Accepted Transport Layer Security (TLS) Versions | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.15 Limit Accepted Transport Layer Security (TLS) Versions | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used | CIS Debian 9 Workstation L1 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - weak Key Exchange algorithms | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.11 Ensure HTTP Strict Transport Security Is Enabled | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Authentication with Exchange Server | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Authentication with Exchange Server | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| CISC-RT-000230 - The Cisco router must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | ACCESS CONTROL |
| CISC-RT-000230 - The Cisco router must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication. | DISA STIG Cisco IOS Router RTR v3r2 | Cisco | ACCESS CONTROL |
| CISC-RT-000392 - The Cisco perimeter router must be configured to drop IPv6 undetermined transport packets. | DISA STIG Cisco IOS Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000392 - The Cisco perimeter switch must be configured to drop IPv6 undetermined transport packets. | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO280 - Outlook - Authentication with Exchange Server must be required. | DISA STIG Office 2010 Outlook v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| EDGE-00-000009 - The default search provider must be set to use an encrypted connection. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| FireEye - Reports are run on a schedule | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| JUSX-DM-000150 - For nonlocal maintenance sessions using SSH, the Juniper SRX Services Gateway must securely configured SSHv2 with privacy options to protect the confidentiality of maintenance and diagnostic communications for nonlocal maintenance sessions. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | MAINTENANCE |
| Minimum TLS version enabled | MSCT Edge v98 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Minimum TLS version enabled | MSCT Edge v107 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Minimum TLS version enabled (deprecated) | MSCT edge v96 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-CC-000250 - The Windows Defender SmartScreen filter for Microsoft Edge must be enabled. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
