| 1.1.2.4 Ensure 'Automatically configure profile based on Active Directory Primary SMTP address' is set to Enabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.2 Ensure 'Default file format' is set to Enabled (Access 2007) | CIS Microsoft Office Access 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.2.4 Ensure 'Document Behavior if File Validation Fails' is Enabled (Open in Protected View and Unchecked for 'Do not allow edit') | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.4 Ensure 'Force File Extension to Match File Type' is set to Enabled(Always match file type) | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.5.2 Ensure 'Disable Slide Update' is set to Enabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.5.1 Ensure 'Default file format' is set to Enabled (PowerPoint Presentation (*pptx)) | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.6.2.3.2 Ensure 'Disable all trusted locations' is set to Enabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.7.1.1 Ensure message of the day is configured properly - mrsv | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure time set is within appropriate limits | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.5.2 (L1) Ensure 'Domain controller: Allow vulnerable Netlogon secure channel connections' is set to 'Not Configured' (DC Only) | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.7.1 (L1) Ensure 'Interactive logon: Do not display last user name' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.7.2 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.12 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 2.4.2 Disable Internet Sharing | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.17.3 Ensure 'Always Require Users to Connect to Verify Permission' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.24.1.2 Ensure 'Enable Customer Experience Improvement Program' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.24.1.3 Ensure 'Allow including screenshot with Office Feedback' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.24.1.4 Ensure 'Send Office Feedback' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.35.3.1 Ensure 'Open Office Documents as Read/Write While Browsing' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.6 Validate Proxy Settings | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 4.1 Set SSL Override Behavior | CIS Mozilla Firefox 38 ESR Windows L2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.2.4 Ensure SSH X11 forwarding is disabled | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.4.3.1 Ensure nologin is not listed in /etc/shells | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 5.4.3.1 Ensure nologin is not listed in /etc/shells | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 8.3.30 Set 'Allow META REFRESH' to 'Enabled:Disable' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.2 Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 18.6.3 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.7.4 (L1) Ensure 'Configure RPC connection settings: Use authentication for outgoing RPC connections' is set to 'Enabled: Default' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.4 (L1) Ensure 'Configure RPC connection settings: Use authentication for outgoing RPC connections' is set to 'Enabled: Default' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.4 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.5 (L1) Ensure 'Configure RPC listener settings: Protocols to allow for incoming RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.5 (L1) Ensure 'Configure RPC listener settings: Protocols to allow for incoming RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.7.6 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.13 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.65.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.65.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.65.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.65.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.65.3.11.2 (L1) Ensure 'Do not use temporary folders per session' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.14.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.11.1 (L1) Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.12 Ensure 'Administrative accounts cannot be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
