| 1.2.2 Ensure that the --token-auth-file parameter is not set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.2.2 Ensure that the --token-auth-file parameter is not set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.2.2 Ensure that the --token-auth-file parameter is not set | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.2.2 Ensure that the --token-auth-file parameter is not set | CIS Kubernetes v1.11.1 L1 Master Node | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.2.3 Ensure that the DenyServiceExternalIPs is set | CIS Kubernetes v1.11.1 L1 Master Node | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.2.3 Limit SSH Login Attempts to 3 or less | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.2.4 Ensure Exec Timeout for Console Sessions is set for less than 10 | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.2.5 Ensure Exec Timeout for Remote Administrative Sessions (VTY) is set to less than 10 | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.3 (L1) Host hardware must enable Intel TXT, if available | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.4 (L1) Host hardware must enable and configure a TPM 2.0 | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.6 (L1) Host integrated hardware management controller must enable time synchronization | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.6.4 Ensure 'SCP protocol' is set to Enable for files transfers | CIS Cisco ASA 9.x Firewall L2 v1.1.0 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.6.5 Ensure 'Telnet' is disabled | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP address | CIS Cisco ASA 9.x Firewall L2 v1.1.0 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.9.1 Configure SNMPv3 | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.9.4 Ensure Read Write privileges are not configured for SNMP | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.10 (L2) Host hardware must enable Intel SGX, if available | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.10 Use Dedicated "mgmt" Interface and VRF for Administrative Functions | CIS Cisco NX-OS v1.2.0 L2 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 2.6.7 Audit Lockdown Mode | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 2.6.7 Audit Lockdown Mode | CIS Apple macOS 14.0 Sonoma v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 2.11 (L1) Host must use sufficient entropy for cryptographic operations | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 2.12 (L2) Host must enable volatile key destruction | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 3.6.1.1 OpenSSH - Installation | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 3.24 (L1) Host must display a login banner for the DCUI and Host Client | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 3.25 (L1) Host must display a login banner for SSH connections | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.3.3 daemon | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| 4.6.3.1 Ensure latest version of openssh is installed | CIS IBM AIX 7 v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.6.3.12 Ensure sshd MaxAuthTries is configured | CIS IBM AIX 7 v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.6.3.13 Ensure sshd PermitEmptyPasswords is disabled | CIS IBM AIX 7 v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.6.3.15 Ensure sshd PermitRootLogin is disabled | CIS IBM AIX 7 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.2.10 Ensure no users have .netrc files | CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.2.12 Ensure no users have .netrc files | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.2.16 Ensure no users have .netrc files | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.2.16 Ensure no users have .netrc files | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.2.16 Ensure no users have .netrc files | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.4 (L1) Host SSH daemon, if enabled, must not allow host-based authentication | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.5 (L1) Host SSH daemon, if enabled, must set a timeout count on idle sessions | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.6 (L1) Host SSH daemon, if enabled, must set a timeout interval on idle sessions | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.7 (L1) Host SSH daemon, if enabled, must display the system login banner before granting access | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.8 (L1) Host SSH daemon, if enabled, must ignore .rhosts files | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.9 (L1) Host SSH daemon, if enabled, must disable stream local forwarding | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.11 (L1) Host SSH daemon, if enabled, must not permit tunnels | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.12 (L1) Host SSH daemon, if enabled, must not permit user environment settings | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 8.3.3 (L1) Ensure secure protocols are used for virtual serial port access | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 8.4 (L2) VMware Tools on deployed virtual machines must prevent being recustomized | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 10.1 Ensure Web content directory is on a separate partition from the Tomcat system files | CIS Apache Tomcat 11 v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 10.1 Ensure Web content directory is on a separate partition from the Tomcat system files | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 10.1 Ensure Web content directory is on a separate partition from the Tomcat system files | CIS Apache Tomcat 10.1 v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Verify remote disconnection of sessions | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | MAINTENANCE |
| Catalina - Verify remote disconnection of sessions | NIST macOS Catalina v1.5.0 - All Profiles | Unix | MAINTENANCE |
