| 1.1.2 (L1) Ensure two emergency access accounts have been defined | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | ACCESS CONTROL |
| 1.19 WN19-00-000190 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.19 WN19-00-000190 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.19 WN22-00-000190 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.31 WN22-00-000310 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.147 WN16-DC-000020 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.148 WN19-DC-000020 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.187 WN10-SO-000005 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | ACCESS CONTROL |
| 1.190 WN10-SO-000020 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | ACCESS CONTROL |
| 1.191 WN10-SO-000025 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | ACCESS CONTROL |
| 1.208 WN16-SO-000030 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.208 WN19-SO-000010 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.208 WN22-SO-000010 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.209 WN16-SO-000040 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.211 WN22-SO-000040 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 2.1.1.1.5 Set maximimum value for 'ip ssh authentication-retries' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | ACCESS CONTROL |
| 2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | ACCESS CONTROL |
| 2.3.6.4 (L1) Ensure 'Domain member: Disable machine account password changes' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | ACCESS CONTROL |
| 3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 4.4 Lock Out Accounts if Not Currently in Use | CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | ACCESS CONTROL |
| 4.4.2.1.2 Ensure password failed attempts lockout is configured | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL |
| 4.4.2.1.4 Ensure password failed attempts lockout includes root account | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | ACCESS CONTROL |
| 5.2.1 Ensure Password Account Lockout Threshold Is Configured | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | ACCESS CONTROL |
| 5.2.1 Ensure Password Account Lockout Threshold Is Configured | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | ACCESS CONTROL |
| 5.3.2.1.1 Ensure password failed attempts lockout is configured | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | ACCESS CONTROL |
| 5.3.2.1.3 Ensure password failed attempts lockout includes root account | CIS Red Hat Enterprise Linux 10 v1.0.1 L2 Workstation | Unix | ACCESS CONTROL |
| 5.3.2.1.3 Ensure password failed attempts lockout includes root account | CIS Oracle Linux 10 v1.0.0 L2 Server | Unix | ACCESS CONTROL |
| 5.3.3.1.1 Ensure password failed attempts lockout is configured | CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL |
| 5.3.3.1.2 Ensure password unlock time is configured | CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL |
| 5.5 NFS - 'wafl.nt_admin_priv_map_to_root = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 5.5.2 Ensure lockout for failed password attempts is configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL |
| 6.1.4 Disable 'Allow guests to connect to shared folders' - SMB Sharing | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.1.4 Disable 'Allow guests to connect to shared folders' - SMB Sharing | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6.1.5 Remove Guest home folder | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 6.9 Ensure that 'Number of days before users are asked to re-confirm their authentication information' is not set to '0' | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | ACCESS CONTROL |
| 7.2.11 (L1) Ensure the SharePoint default sharing link permission is set | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| 8.5.4 (L1) Ensure users dialing in can't bypass the lobby | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| 8.5.7 (L1) Ensure external participants can't give or request control | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | ACCESS CONTROL |
| 8.5.7 (L1) Ensure external participants can't give or request control | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | ACCESS CONTROL |
| 18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | ACCESS CONTROL |
| 18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL |
| 18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| Brocade - administrator account is enabled with admin role assigned | Tenable Best Practices Brocade FabricOS | Brocade | ACCESS CONTROL |
| Fortigate - Ensure default admin usernames are not used | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Review Users per Rackspace Database Instance | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Salesforce.com : Monitoring Login History - 'No users are password locked' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Setting Session Security - 'PermissionsPasswordNeverExpires = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
