| 1.2 Verify Image Profile and VIB Acceptance Levels | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 1.4 Ensure that the Forged Transmits policy is set to reject | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.22 Ensure 'Wi-Fi assistant' is set to 'Disabled' | MobileIron - CIS Google Android v1.3.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.25 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only) - Administrators (DC only) | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.2.26 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only) | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.26 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only) - No One | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.27 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only) | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.27 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.2.27 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.27 Ensure 'Force shutdown from a remote system' is set to 'Administrators' - Administrators | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.2.27 Ensure 'Force shutdown from a remote system' is set to 'Administrators' - Administrators | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.29 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure the vpxuser account's password is automatically changed every 10 or fewer days | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.4 Ensure only authorized users and groups belong to the esxAdminsGroup group | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | ACCESS CONTROL |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.8 Set DCUI.Access to allow trusted users to override lockdown mode | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
| 7.1 Ensure default_authentication_plugin is Set to a Secure Option | CIS MySQL 8.0 Community Database L1 v1.1.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure default_authentication_plugin is Set to a Secure Option | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.2 Ensure that port groups are not configured to VLAN 4095 except for Virtual Guest Tagging (VGT) | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 7.2.3 Ensure that port groups are not configured to VLAN values reserved by upstream physical switches | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.cnf | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.ini | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 8.1.1 Disable VM communication through VMCI | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1.2 Limit informational messages from the VM to the VMX file | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 8.2.2 Disconnect unauthorized devices - CD/DVD Devices | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 8.2.4 Disconnect unauthorized devices - Serial Devices | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.3.2 Minimize use of the VM console | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 8.4.5 Disable Autologon | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | ACCESS CONTROL |
| 8.4.14 Disable Shell Action | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.19 Disable Unity Interlock | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.28 Disable VM Console Paste operations | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.6.2 Disable virtual disk shrinking | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.1 Disable VMware Tools auto install | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.4 Limit number of VM log files | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 8.7.5 Limit VM log file size | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 9.4 Ensure 'super_priv' Is Not Set to 'Y' for Replication Users | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| ESXi : config-snmp - 'snmp.receiver.X.community' | VMWare vSphere 5.X Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-707200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 14 BYOAD v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-15-007200 - Google Android 15 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
