| 1.3.2 Ensure 'Maximum lifetime for service ticket' is set to '600 or fewer minutes, but not 0' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.3.2 Ensure 'Maximum lifetime for service ticket' is set to '600 or fewer minutes, but not 0' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.3.2 Ensure 'Maximum lifetime for service ticket' is set to '600 or fewer minutes, but not 0' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.3.3 Ensure 'Maximum lifetime for user ticket' is set to '10 or fewer hours, but not 0' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.3.3 Ensure 'Maximum lifetime for user ticket' is set to '10 or fewer hours, but not 0' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.3.3 Ensure 'Maximum lifetime for user ticket' is set to '10 or fewer hours, but not 0' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.10.7 (L1) Configure 'Network access: Remotely accessible registry paths' is configured | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | ACCESS CONTROL |
| 2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | ACCESS CONTROL |
| 2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL |
| 2.3.10.7 Ensure 'Network access: Remotely accessible registry paths' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL |
| 2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | ACCESS CONTROL |
| 2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.10.8 (L1) Ensure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.10.8 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured - Network access: Remotely accessible registry paths and sub-paths is configured | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.10.8 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured - Network access: Remotely accessible registry paths and sub-paths is configured | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.10.10 Configure 'Network access: Remotely accessible registry paths' is configured | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | ACCESS CONTROL |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG Only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG Only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.4.1 (L1) Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.4.1 (L1) Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.51.1.1 Ensure 'Configure Windows NTP Client' is set to 'Enabled: NT5DS' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.51.1.1 Ensure 'Configure Windows NTP Client' is set to 'Enabled: NT5DS' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.21 Ensure 'DoD Root Certificate Authority (CA) certificates' are installed in the 'Trusted Root Store' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Choose drive encryption method and cipher strength | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-AP-000231 - The F5 BIG-IP appliance must be configured to deny access when revocation data is unavailable using OCSP. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | IDENTIFICATION AND AUTHENTICATION |
| WA00520 A22 - The web server must not be configured as a proxy server. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WN10-00-000165 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000165 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-00-000411 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000390 - Windows Server 2019 must have the Server Message Block (SMB) v1 protocol disabled on the SMB server. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-DC-000070 - Windows Server 2019 permissions on the Active Directory data files must only allow System and Administrators access. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL |
| WN19-DC-000110 - Windows Server 2019 organization created Active Directory Organizational Unit (OU) objects must have proper access control permissions. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL |
| WN22-00-000390 - Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB server. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-DC-000070 - Windows Server 2022 permissions on the Active Directory data files must only allow System and Administrators access. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| WN22-DC-000110 - Windows Server 2022 organization created Active Directory Organizational Unit (OU) objects must have proper access control permissions. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
