| 1.1.1 - AirWatch - Update 'firmware' to latest version | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.1.1 - AirWatch - Update firmware to latest version | AirWatch - CIS Apple iOS 9 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.1.1 - AirWatch - Update firmware to latest version | AirWatch - CIS Apple iOS 8 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.2.1.2 Ensure hosts can give participants the permission to record locally is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.20 Ensure 'Scan device for security threats' is set to Enabled | MobileIron - CIS Google Android 7 v1.0.0 L1 | MDM | |
| 2.2 Set 'Specify use of ActiveX Installer Service for installation of ActiveX controls' to 'Enabled' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Password Security - 'maximum password age <= 90' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.7.2 iCloud keychain | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
| 2.9 (L2) Ensure VDS health check is disabled | CIS VMware ESXi 7.0 v1.4.0 L2 | VMware | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.9 Ensure VDS health check is disabled | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.127 - IPSec Exemptions are limited. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.1 Enable Backup Redundancy | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | |
| 5.1 Enable Backup Redundancy | CIS IBM DB2 v10 v1.1.0 Database Level 2 | IBM_DB2DB | |
| 5.1 Enable Backup Redundancy | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 5.1 Enable Backup Redundancy | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| 5.127 - Windows Messenger prevented from collecting anonymous information. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.246 - Windows Mail - Disable Application | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 6.6 Remove sample databases if installed | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
| 18.9.7.1.2 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.2 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.4 (L1) Ensure 'Display a custom message title when device installation is prevented by a policy setting' is set to 'Enabled: <Text>' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 18.9.7.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 Stand-alone v3.0.0 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.9 (L1) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-052050 - AlmaLinux OS 9 must allocate audit record storage capacity to store at least one week's worth of audit records. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000402 - The Department of Defense (DoD) banner must be displayed immediately prior to, or as part of, graphical desktop login prompts. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN001560 - All files and directories contained in user's home directories must have mode 0750 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001570 - All files and directories contained in user home directories must not have extended ACLs. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001570 - All files and directories contained in user home directories must not have extended ACLs. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001570 - All files and directories contained in user home directories must not have extended ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001570 - All files and directories contained in user home directories must not have extended ACLs. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = Facebook is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| SLES-12-020020 - The SUSE operating system must allocate audit record storage capacity to store at least one weeks worth of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030660 - The SUSE operating system must allocate audit record storage capacity to store at least one week of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-020130 - The FTP daemon must not be installed unless required. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020130 - The FTP daemon must not be installed unless required. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020140 - The TFTP service daemon must not be installed unless required. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020140 - The TFTP service daemon must not be installed unless required. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010314 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010215 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCSA-70-000281 - The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000281 - The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-65-000053 - The vCenter Server for Windows must enable the vSAN Health Check. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| WG470 W22 - Wscript.exe and Cscript.exe must only be accessible by the SA and/or the web administrator. - 'Wscript.exe' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
