| 1.1.8 - AirWatch - Forget Wi-Fi networks to prevent automatic rejoin | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.8.2 Ensure GDM login banner is configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.8.2 Ensure GDM login banner is configured - banner message enabled | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.8.2 Ensure GDM login banner is configured - system-db:gdm | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS CentOS Linux 8 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d/ | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d/ | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor/ | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/ | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/ | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor.d/ | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/ | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux/ | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux/ | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Red Hat EL8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Red Hat EL8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Debian 10 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Amazon Linux 2 v3.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.5 Ensure events that modify the system's network environment are collected | CIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.5 Ensure events that modify the system's network environment are collected | CIS Debian 10 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Debian Linux 12 v1.1.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Debian Linux 12 v1.1.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 9.0.4 DB2 Activity Monitor Utility | CIS IBM DB2 OS L1 v1.2.0 | Unix | |
| 11.1 Ensure SELinux Is Enabled in Enforcing Mode | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 12.14 All database objects - 'Monitor' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 18.5.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| 18.5.11.2 Ensure 'Prohibit installation and configuration of Network Bridge on your DNS domain network' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.8.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-80-000201 - The ESXi host lockdown mode exception users list must be verified. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| RHEL-07-010291 - The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-021340 - The Red Hat Enterprise Linux operating system must use a separate file system for /tmp (or equivalent). | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-030740 - The Red Hat Enterprise Linux operating system must audit all uses of the mount command and syscall. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SOL-11.1-020030 - The operating system must protect audit tools from unauthorized access. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-020030 - The operating system must protect audit tools from unauthorized access. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-020040 - The operating system must protect audit tools from unauthorized modification. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-020050 - The operating system must protect audit tools from unauthorized deletion. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-020050 - The operating system must protect audit tools from unauthorized deletion. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-020080 - System packages must be configured with the vendor-provided files, permissions, and ownerships. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000175 - Splunk Enterprise forwarders must be configured with Indexer Acknowledgement enabled. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 OS | Windows | CONFIGURATION MANAGEMENT |
| WG610 W22 - Web sites must utilize ports, protocols, and services according to PPSM guidelines. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
