| 1.1.2.3 Ensure 'Authentication with Exchange server.' is set to 'Enabled:Kerberos/NTLM Password Authentication' | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2.1 (L1) Ensure 'Enable Google Cast' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.96 (L1) Ensure 'Enable profile creation from the Identity flyout menu or the Settings page' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | ACCESS CONTROL |
| 1.113 (L1) Ensure 'In-app support Enabled' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.35 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.36 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.38 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only) | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.38 (L1) Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.50 Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.51 Ensure 'Manage auditing and security log' is set to 'Administrators' (MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure detailed logging is enabled | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure HTTP Strict Transport Security (HSTS) is enabled | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.3 Ensure HSTS (HTTP Strict Transport Security) is enabled | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | CONFIGURATION MANAGEMENT, RISK ASSESSMENT |
| 18.5.19.2.1 Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.19.2.1 (L1) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2016 v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| CIS VMware ESXi 6.5 v1.0.0 Level 2 | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | |
| Configure Microsoft Defender SmartScreen | MSCT Edge v114 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Microsoft Defender SmartScreen | MSCT Edge v117 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Microsoft Defender SmartScreen | MSCT Microsoft Edge Version 79 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Microsoft Defender SmartScreen | MSCT Microsoft Edge Version 83 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Microsoft Defender SmartScreen | MSCT Edge v85 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Microsoft Defender SmartScreen | MSCT Edge v89 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Configure Microsoft Defender SmartScreen | MSCT Edge v136 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Control which extensions cannot be installed | MSCT Edge v107 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Control which extensions cannot be installed | MSCT Edge v132 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Control which extensions cannot be installed | MSCT Edge v134 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Control which extensions cannot be installed | MSCT Edge v137 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DTOO426 - Word must be configured to warn when opening a document with custom XML markup. | DISA STIG Microsoft Word 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| Enable browser legacy extension point blocking | MSCT Edge v124 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enable browser legacy extension point blocking | MSCT Edge v137 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enable RPC encryption | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable RPC encryption | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable RPC encryption | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable RPC encryption | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable RPC encryption | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable RPC encryption | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable site isolation for every site | MSCT Microsoft Edge Version 81 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enable site isolation for every site | MSCT Edge v89 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enable site isolation for every site | MSCT Edge v136 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enable site isolation for every site | MSCT Edge v137 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| JUSX-VN-000014 - The Juniper SRX Services Gateway VPN must use Encapsulating Security Payload (ESP) in tunnel mode. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| O365-OU-000002 - Outlook must use remote procedure call (RPC) encryption to communicate with Microsoft Exchange servers. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Prevent certificate error overrides | MSCT Windows 10 1909 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Supported authentication schemes | MSCT Edge v133 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Supported authentication schemes | MSCT Edge v135 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Supported authentication schemes | MSCT Edge v137 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN10-CC-000235 - Users must not be allowed to ignore Windows Defender SmartScreen filter warnings for unverified files in Microsoft Edge. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
