| 1.192 WN16-MS-000040 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.193 WN16-MS-000050 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.193 WN22-MS-000030 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.194 WN16-MS-000120 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT I | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.197 WN22-MS-000070 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.198 WN22-MS-000080 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.201 WN16-MS-000410 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.203 WN19-MS-000130 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.204 WN22-MS-000140 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT I | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.11.3 (L1) Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.11.3 Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.4.5 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.48.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.48.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.19.1 (L1) Ensure 'Turn off desktop gadgets' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.19.1 (L1) Ensure 'Turn off desktop gadgets' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.19.1 (L1) Ensure 'Turn off desktop gadgets' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.46.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Windows Server 2012 R2 DC L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v4.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v4.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.49.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v5.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.49.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v2.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.49.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| Block Flash activation in Office documents | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - ActivationFilterOverride - D27CDB70-AE6D-11CF-96B8-444553540000 - Office 16.0 | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB70-AE6D-11CF-96B8-444553540000 - Office 16.0 | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000010 - Exchange must use Encryption for OWA access. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | ACCESS CONTROL |
| EX16-MB-002910 - Exchange must use encryption for Outlook Web App (OWA) access. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | ACCESS CONTROL |
| MYS8-00-002600 - The MySQL Database Server 8.0 must generate audit records when privileges/permissions are modified. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002700 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to modify privileges/permissions occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| NetBT NodeType configuration | MSCT Windows 10 v20H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| NetBT NodeType configuration | MSCT Windows 10 v21H1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| NetBT NodeType configuration | MSCT Windows Server 2025 MS v2506 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| NetBT NodeType configuration | MSCT Windows 10 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| NetBT NodeType configuration | MSCT Windows 11 v24H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Restrict legacy JScript execution for Office - excel.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Restrict legacy JScript execution for Office - mspub.exe | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Restrict legacy JScript execution for Office - outlook.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-010000 - DBA OS or domain accounts must be granted only those host system privileges necessary for the administration of SQL Server. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL6-D0-014200 - SQL Server must generate audit records when successful and unsuccessful attempts to delete privileges/permissions occur. | DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| VCFL-67-000007 - vSphere Client must be configured to only communicate over TLS 1.2. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL |
| WN19-MS-000040 - Windows Server 2019 must restrict unauthenticated Remote Procedure Call (RPC) clients from connecting to the RPC server on domain-joined member servers and standalone or nondomain-joined systems. | DISA Microsoft Windows Server 2019 STIG v3r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-MS-000040 - Windows Server 2022 must restrict unauthenticated Remote Procedure Call (RPC) clients from connecting to the RPC server on domain-joined member servers and standalone or nondomain-joined systems. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
