| 2.1.1.6 Audit Find My Mac | CIS Apple macOS 14.0 Sonoma v2.0.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.14 Audit Dictation | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor | CIS Debian Family Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor | CIS Debian Family Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d | CIS Debian Family Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d | CIS Debian Family Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d/ | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux | CIS Debian Family Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux | CIS Debian Family Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor.d | CIS Debian Family Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor.d | CIS Debian Family Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor/ | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux | CIS Debian Family Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux | CIS Debian Family Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux | CIS Debian Family Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.6 Ensure nfs server is not running | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.10 Repairing permissions is no longer needed | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010850 - Apple iOS/iPadOS 17 must implement the management setting: not allow use of iPhone widgets on Mac. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-010850 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of iPhone widgets on Mac. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000720 - The Cisco PE router must be configured to limit the number of MAC addresses it can learn for each Virtual Private LAN Services (VPLS) bridge domain. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_STIG_JRE_8_Windows_v2r1.audit for DISA Oracle Java Runtime Environment (JRE) Version 8 for Windows v2r1 STIG | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | |
| DISA_STIG_McAfee_VirusScan_8.8_Managed_Client_v6r1.audit from DISA McAfee VirusScan 8.8 Managed Client Security Technical implementation Guide v6r1 STIG | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | |
| DISA_STIG_Microsoft_Office_Access_2016_v1r1.audit for Microsoft Office Access 2016, from DISA STIG Microsoft Office Access 2016 v1r1 | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | |
| Dynamic ARP Protection - global | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure System to Fail to a Known Safe State if System Initialization, Shutdown, or Abort Fails | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
