| 1.1.9 Ensure noexec option set on /var/tmp partition | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | ACCESS CONTROL |
| 1.1.16 Ensure nosuid option set on /dev/shm partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 1.1.17 Ensure noexec option set on /dev/shm partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 1.1.19 Ensure noexec option set on removable media partitions | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 1.2.3.2.1 Set 'Turn on PIN sign-in' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.2.4.3.3 Set 'Enumerate administrator accounts on elevation' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.2.4.11 Set 'Always install with elevated privileges' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.2.4.14 Set 'Pick one of the following settings' to 'Enabled:Require approval from an administrator before running downloaded unknown' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.4 Ensure only trusted users are allowed to control Docker daemon | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | ACCESS CONTROL |
| 1.5.1 Ensure core dumps are restricted -'hard core (limits.conf/limits.d)' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 2.3.10.2 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.3.11.2 Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.12.13 - Miscellaneous Config - authorized users in at.allow - 'at.allow contains sys' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 2.12.14 - Miscellaneous Config - authorized users in cron.allow - 'cron.allow contains no other entries besides sys, adm and %USERNAME%' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 3.1 Set a nondeterministic Shutdown command value | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL |
| 3.2 Set password on single user console | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
| 4.1 Restrict core dumps to protected directory - Check if COREADM_GLOB_PATTERN is set to /var/core/core_%n_%f_%u_%g_%t_%p | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 5.1.8 Ensure at/cron is restricted to authorized users - '/etc/at.deny' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.1.8 Ensure at/cron is restricted to authorized users - '/etc/at.deny' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.1.8 Ensure at/cron is restricted to authorized users - '/etc/cron.allow' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.1.8 Ensure at/cron is restricted to authorized users - '/etc/cron.deny' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 6.2 Add 'nosuid' option to /etc/rmmount.conf, Check if nosuid option is set. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/at.allow permissions are OK. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 9.1 Set 'Disable the Security page' to 'Enabled' | CIS IE 10 v1.1.0 | Windows | ACCESS CONTROL |
| 10.1 SN.1 Restrict access to suspend feature | CIS Solaris 11.2 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 10.2 Restrict access to the web administration application | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 10.14 Do not run applications as privileged | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 18.8.22.1.4 Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.8.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.9.15.2 Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 19.6.6.1.1 Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Always install with elevated privileges | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Always install with elevated privileges | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - EnableSmartScreen | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Ensure at/cron is restricted to authorized users - cron.allow | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure noexec option set on /tmp partition | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Enumerate administrator accounts on elevation | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Do not allow anonymous enumeration of SAM accounts | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Network access: Do not allow anonymous enumeration of SAM accounts and shares | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Network security: Allow LocalSystem NULL session fallback | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Network security: Allow LocalSystem NULL session fallback | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Turn off toast notifications on the lock screen | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Turn on PowerShell Script Block Logging - EnableScriptBlockLogging | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Turn on PowerShell Script Block Logging - EnableScriptBlockLogging | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Behavior of the elevation prompt for standard users | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
