| 1.45 (L1) Ensure 'Allow remote debugging' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.58 (L2) Ensure 'Browser sign-in settings' is set to 'Enabled: Disable browser sign-in' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 1.62 (L1) Ensure 'Compose is enabled for writing on the web' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.74 (L2) Ensure 'Control use of the Headless Mode' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 1.87 (L1) Ensure 'Enable component updates in Microsoft Edge' is set to 'Enabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.111 (L2) Ensure 'Enhanced Security Mode configuration for Intranet zone sites' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.114 (L2) Ensure 'Let users snip a Math problem and get the solution with a step-by-step explanation in Microsoft Edge' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.2 Ensure 'Protect RE' Firewall Filter includes explicit terms for all Management Services | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.1.2 (L1) Ensure 'Don't allow Dynamic Data Exchange (DDE) server launch in Excel' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.34 Ensure 'Manage auditing and security log' is set to 'Administrators' and (when Exchange is running in the environment) 'Exchange Servers' (DC only) - Exchange Servers (DC only) | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.5.1.2.3 Ensure 'Enable RPC encryption' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.15 Limit Accepted Transport Layer Security (TLS) Versions | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FACLSET : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FCHMOD : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FCHOWN : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FCHOWN : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.7 Ensure to set Strong SSH KEY Exchange algorithm | CIS F5 Networks v1.0.0 L1 | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 5.2.2.3 (L1) Enable Conditional Access policies to block legacy authentication | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 5.2.2.3 (L1) Enable Conditional Access policies to block legacy authentication | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - approved Key Exchange algorithms | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - weak Key Exchange algorithms | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.8 Disable Host-based Authentication for Login-based Services - rlogin auth sufficient pam_rhosts_auth.so.1 | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.8 Disable Host-based Authentication for Login-based Services - rlogin auth sufficient pam_rhosts_auth.so.1 | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.8 Disable Host-based Authentication for Login-based Services - rsh auth sufficient pam_rhosts_auth.so.1 | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.8 Disable Host-based Authentication for Login-based Services - rsh auth sufficient pam_rhosts_auth.so.1 | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Allow using the deprecated U2F Security Key API (obsolete) | MSCT Edge v107 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| CIS VMware ESXi 5.5 v1.2.0 Level 2 | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | |
| DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Dynamic Data Exchange | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Dynamic Data Exchange | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Dynamic Data Exchange | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| EDGE-00-000045 - The version of Microsoft Edge running on the system must be a supported version. | DISA STIG Edge v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-000620 - The Exchange Email application must not share a partition with another application. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000229 - The Exchange email application must not share a partition with another application. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Minimum TLS version enabled | MSCT Microsoft Edge Version 81 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Minimum TLS version enabled | MSCT Edge v86 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Minimum TLS version enabled | MSCT Edge v85 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Minimum TLS version enabled | MSCT Edge v87 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Minimum TLS version enabled | MSCT Edge v91 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000001 - The Exchange client authentication with Exchange servers must be enabled to use Kerberos Password Authentication. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
