| 1.3 Verify no unauthorized kernel modules are loaded on the host | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 2.1 Configure NTP time synchronization | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 2.2 Configure the ESXi host firewall to restrict access to services running on the host | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
| 2.2 Dedicate the Machine Running MySQL | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Dedicate the Machine Running MySQL | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Dedicate the Machine Running MySQL | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Use Dual Passwords to Enable Higher Frequency Password Rotation | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.11 Lock Out Accounts if Not Currently in Use | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | ACCESS CONTROL |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.16 Require Client-Side Certificates (X.509) | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1 Configure a centralized location to collect ESXi host core dumps | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 3.2 Configure Host Profiles to monitor and alert on configuration changes | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 3.7 Ensure SSL Key Files Have Appropriate Permissions | CIS MySQL 8.0 Community Linux OS L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure 'audit_log_file' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 Ensure Prelogin 'Login Banner' is set - Enabled | CIS F5 Networks v1.0.0 L1 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure that logging is enabled. - nodetool getlogginglevels | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1 Ensure that logging is enabled. - nodetool getlogginglevels | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1 Review Organization's Policies against DB2 RCAC Policies | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 4.1 Review Organization's Policies against DB2 RCAC Policies | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FACLSET : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FCHMOD : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Establish a password policy for password complexity | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.4 Use Active Directory for local user authentication - Enabled = 'true' | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.5 Verify Active Directory group membership for the 'ESX Admins' group | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
| 4.9 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES' | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.1 Ensure all resources are correctly tagged | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 7 v1.1.0 L1 MongoDB | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 7 v1.1.0 L1 MongoDB | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Enable lockdown mode to restrict remote access | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 5.5 Remove keys from SSH authorized_keys file | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 6.2 Ensure uniqueness of CHAP authentication secrets | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 6.8 Disable Host-based Authentication for Login-based Services - rlogin auth sufficient pam_rhosts_auth.so.1 | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.8 Disable Host-based Authentication for Login-based Services - rlogin auth sufficient pam_rhosts_auth.so.1 | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 7.3.1 Ensure that the vSwitch Forged Transmits policy is set to reject | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.1 Disable unnecessary or superfluous functions inside VMs | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 8.4.2 Control VMsafe Agent Address | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.3 Control VMsafe Agent Port | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.6 Disable BIOS BBS | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.9 Disable Unity Active | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.11 Disable Unity Push Update | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.16 Disable Trash Folder State | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.18 Disable Unity | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.22 Disable Guest Host Interaction Launch Menu | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.5.1 Prevent virtual machines from taking over resources - Num CPU Shares | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.1 Ensure All Group Replication Traffic is Secured | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-snmp - 'snmp.receiver.X.enabled' | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| HONW-09-002300 - The Honeywell Mobility Edge Android Pie device must be configured to disable trust agents. | AirWatch - DISA Honeywell Android 9.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
