| 2.2 Ensure 'Protect RE' Firewall Filter includes explicit terms for all Management Services | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7 Prevent unintended use of dvfilter network APIs | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
| 3.1 Configure a centralized location to collect ESXi host core dumps | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 3.9 Ensure 'audit_log_file' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 Create a non-root user account for local admin access | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Use Active Directory for local user authentication - Enabled = 'true' | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.4 Use Active Directory for local user authentication - Review Domain | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.9 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES' | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.2 Disable ESXi Shell unless needed for diagnostics or troubleshooting | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.4 v1.1.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.4 v1.1.0 L2 MySQL RDBMS MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L2 MySQL RDBMS MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.4 Enable lockdown mode to restrict remote access | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 5.7 Set a timeout for Shell Services | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | ACCESS CONTROL |
| 6.8 Disable Host-based Authentication for Login-based Services - rlogin auth sufficient pam_rhosts_auth.so.1 | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.8 Disable Host-based Authentication for Login-based Services - rlogin auth sufficient pam_rhosts_auth.so.1 | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 7.1 Ensure default_authentication_plugin is Set to a Secure Option | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure default_authentication_plugin is Set to a Secure Option | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS MySQLDB | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1.1 Disable VDS network healthcheck if not used | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 7.1.5 Ensure that VDS Port Mirror traffic is only being sent to authorized collector ports or VLANs | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 7.2.2 Ensure that port groups are not configured to VLAN 4095 except for Virtual Guest Tagging (VGT) | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 7.2.3 Ensure that port groups are not configured to VLAN values reserved by upstream physical switches | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 8.1.1 Disable VM communication through VMCI | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2.3 Disconnect unauthorized devices - Parallel Devices | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.2.5 Disconnect unauthorized devices - USB Devices | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | MEDIA PROTECTION |
| 8.3 Set Maximum Connection Limits for Server and per User | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3 Set Maximum Connection Limits for Server and per User | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS MySQLDB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.4 Use templates to deploy VMs whenever possible | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 8.4.3 Control VMsafe Agent Port | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.11 Disable Unity Push Update | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.12 Disable Drag and Drop Version Get | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.21 Disable Host Guest File System Server | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.22 Disable Guest Host Interaction Launch Menu | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.23 Disable memSchedFakeSampleStats | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.6.2 Disable virtual disk shrinking | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.1 Disable VMware Tools auto install | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| CIS Docker Community Edition v1.1.0 L1 Docker | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | |
| MOTS-11-002300 - Motorola Solutions Android 11 must be configured to disable trust agents. | AirWatch - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
