| 1.1.14 - MobileIron - Turn off Personal Hotspot when not needed | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.15 - AirWatch - Turn off Personal Hotspot when not needed | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.15 - MobileIron - Turn off Personal Hotspot when not needed | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.6.2 Ensure system wide crypto policy is not set in sshd configuration | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.2 Ensure system wide crypto policy is not set in sshd configuration | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.2 Ensure system wide crypto policy is not set in sshd configuration | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Ensure system wide crypto policy is not set in sshd configuration | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.1.7 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.1.7 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.1.8 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.1.8 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.1.9 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.9 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.9 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.9 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.9 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.9 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.9 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.5 Set 'logging trap informational' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.2.15 Ensure '_trace_files_public' Is Set to 'FALSE' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 2.11 Java 6 is not the default Java runtime | CIS Apple macOS 10.12 L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.12 Only enable GSS daemon if absolutely necessary - Uncomment service 100234 in /etc/inet/inetd.con (Solaris 7 or later) | CIS Solaris 9 v1.3 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1.17 Ensure 'Treat AirDrop as unmanaged destination' is set to 'Enabled' | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.1.19 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.22 Ensure 'Allow documents from unmanaged sources in managed destinations' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.3 Configure 'Turn off 'Delete Browsing History' functionality' | CIS IE 9 v1.0.0 | Windows | ACCESS CONTROL |
| 3.11 Ensure Java applet filtering is enabled | CIS Cisco ASA 9.x Firewall L2 v1.1.0 | Cisco | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.11 Ensure Java applet filtering is enabled | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
| 4.2.22 Ensure sshd crypto_policy is not set | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes - difok | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes - maxclassrepeat | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes - maxrepeat | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn' or 'Enabled: Warn and prevent bypass' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 19.7.15.1.1 Ensure 'Turn off Preview Pane' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 19.7.15.1.1 Ensure 'Turn off Preview Pane' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| EX16-ED-000570 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| KNOX-07-003700 - The Samsung Android 7 with Knox must be configured to disable developer modes. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| SQL2-00-013800 - SQL Server must protect audit information from unauthorized deletion. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY |
| SQL2-00-014400 - SQL Server must protect the audit records generated as a result of remote access to privileged accounts and by the execution of privileged functions. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SQL4-00-013800 - The audit information produced by SQL Server must be protected from unauthorized deletion. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-005900 - The audit information produced by SQL Server must be protected from unauthorized access, modification, and deletion. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
