| 1.3 Do not use development tools in production | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure 'Directory browsing' is set to Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4 Ensure 'application pool identity' is configured for all application pools | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.1 Ensure 'global authorization rule' is set to restrict access | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 2.5 Ensure 'cookie protection mode' is configured for forms authentication - Applications | CIS IIS 10 v1.2.1 Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5 Ensure 'cookie protection mode' is configured for forms authentication - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 Ensure the default ulimit is configured appropriately | CIS Docker v1.8.0 L1 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| 2.16 Ensure live restore is enabled | CIS Docker v1.8.0 L1 OS Linux | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.8 Ensure Handler is not granted Write and Script/Execute - Applications | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.8 Ensure Handler is not granted Write and Script/Execute - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 7.1 Ensure HSTS Header is set - Server | CIS IIS 10 v1.2.1 Level 2 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure HSTS Header is set - Sites | CIS IIS 10 v1.2.1 Level 2 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
