| 1.1.1.3 Configure AAA Authentication - RADIUS if applicable | CIS Cisco NX-OS v1.2.0 L1 | Cisco | ACCESS CONTROL |
| 1.1.10 - AirWatch - Turn Off AirDrop Discoverability | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.10 - MobileIron - Turn Off AirDrop Discoverability | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.11 - MobileIron - Turn Off AirDrop Discoverability | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 2.2.1 Enable 'Set time and date automatically' | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1 Enable 'Set time and date automatically' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl init_module | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - auditctl insmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - init_module | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.7 Ensure kernel module loading and unloading is collected - insmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.16 Ensure kernel module loading and unloading is collected - /etc/audit/rules.d modprobe | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - /sbin/modprobe | CIS Debian Family Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmod | CIS Red Hat 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmod | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobe | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmod | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit) | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmod | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl modules | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl modules | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - rmmod | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/modprobe | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/modprobe | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/modprobe | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/rmmod | CIS Red Hat 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - rules.d /sbin/rmmod | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - rules.d modules | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobe | CIS Debian 9 Workstation L2 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.3 Ensure the maximum failed login attempts is set to 5 | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | ACCESS CONTROL |
| 5.1.1 Ensure Home Folders Are Secure | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-For | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000560 - The Arista BGP router must be configured to use the maximum prefixes feature to protect against route table flooding and prefix de-aggregation attacks. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001611 - Every NS record in a zone file on a BIND 9.x server must point to an active name server and that name server must be authoritative for the domain specified in that record. | DISA BIND 9.x STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| CIS_IBM_DB2_10_v1.1.0_Level_1_OS_Windows.audit from CIS DB2 10.x Windows OS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | |
| CIS_IBM_DB2_10_v1.1.0_Level_2_OS_Windows.audit from CIS DB2 10.x Windows OS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| CIS_MongoDB_5_Benchmark_Level_2_OS_Windows_v1.2.0.audit from CIS MongoDB 5 Benchmark | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | |
| Configure IPsec Tunnel Parameters - replay-window | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| DTAVSEL-201 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive all patches, service packs and updates from a DoD-managed source. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | CONFIGURATION MANAGEMENT |
| GEN000000-LNX00360 - The X server must have the correct options enabled - '-auth' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN005180 - All .Xauthority files must have mode 0600 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005180 - All .Xauthority files must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005180 - All .Xauthority files must have mode 0600 or less permissive. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005190 - The .Xauthority files must not have extended ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005190 - The .Xauthority files must not have extended ACLs. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020510 - All .Xauthority files must have mode 0600 or less permissive. | DISA STIG Solaris 11 SPARC v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SOL-11.1-020510 - All .Xauthority files must have mode 0600 or less permissive. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SOL-11.1-020520 - The .Xauthority files must not have extended ACLs. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
