| 1.4 Enable system data files and security update installs - ConfigDataInstall | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.1 Disable Bluetooth, if no paired devices exist | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | |
| 2.2.1 Enable "Set time and date automatically" | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.2 Ensure time set is within appropriate limits | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.3 Restrict NTP server to loopback interface | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.2 Secure screen saver corners - bottom left corner | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | ACCESS CONTROL |
| 2.3.4 Set a screen corner to Start Screen Saver | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 2.4.2 Disable Internet Sharing | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6.1 Enable FileVault - Encryption Type | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.4 Enable Firewall Stealth Mode | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6 Enable Location Services | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.11 Java 6 is not the default Java runtime | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.4 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected | CIS SUSE Linux Enterprise 12 v3.2.1 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor/ | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor/ | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor/ | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/selinux/ | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor/ | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/ | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux/ | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - rules.d /etc/selinux/ | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - rules.d /etc/selinux/ | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d | CIS Debian 9 Workstation L2 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor.d | CIS Debian 9 Workstation L2 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /usr/share/selinux | CIS Debian 9 Workstation L2 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor.d/ | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/selinux/ | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux/ | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/apparmor/ | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/ | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/ | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.5 Ensure ftp server is not running | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.9 Ensure the latest iOS device architecture is used by high-value targets | AirWatch - CIS Apple iPadOS 18 v1.0.0 L2 End User Owned | MDM | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
| 4.9 Ensure the latest iOS device architecture is used by high-value targets | MobileIron - CIS Apple iOS 18 v1.0.0 L2 End User Owned | MDM | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
| 4.10.31.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.2.3 Complex passwords must contain an Alphabetic Character | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Complex passwords must contain a Symbolic Character | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4 Automatically lock the login keychain for inactivity | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5 Ensure login keychain is locked when the computer sleeps | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.7 Do not enable the "root" account | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 5.9 Require a password to wake the computer from sleep or screen saver | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 5.13 Create a Login window banner | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | ACCESS CONTROL |
| 6.1.3 Disable guest account login | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 6.2 Turn on filename extensions | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 7.2 iSight Camera Privacy and Confidentiality Concerns | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| vCenter: vcenter-8.network-mac-learning | VMware vSphere Security Configuration and Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
