| 1.1.8 - MobileIron - Turn off Ask to Join Networks | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.5 Installing ISC BIND 9 - bind9 installation | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5 Installing ISC BIND 9 - bind9 installation | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | |
| 1.8.3 Ensure disable-user-list is enabled | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.11 Ensure 'Unknown sources' is set to Disabled | MobileIron - CIS Google Android 7 v1.0.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.1.1 Ensure a 'Consent Message' has been 'Configured' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.1.1 Ensure a 'Consent Message' has been 'Configured' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.1.1 Ensure a 'Consent Message' has been 'Configured' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.4 Control access to audit records - /etc/security/audit_control | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | |
| 3.4 Control access to audit records - /var/audit | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.8 Ensure Billing Alerts are enabled for increments of X spend | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | |
| 5.4 Ensure 'Default Restrict' is set in all client lists | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure all HTTP Header Logging options are enabled - Referer | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - X-Forwarded-For | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 12.30 Public dissemination of database information - 'Disallow' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 12.30 Public dissemination of database information - 'Disallow' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| Allow user control over installs | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server v1909 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server v1909 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server 2022 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 11 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-103 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown macro viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| HP ProCurve - 'Disable HTTP' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Enable DHCP snooping' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Enable SNMPv3' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| HP ProCurve - 'Enable SSH' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| JUEX-RT-000740 - The Juniper perimeter router must be configured to block inbound packets with source Bogon IP address prefixes. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| List physical storage locations | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| List VM memory allocations | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server v20H2 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server 1903 DC v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server v2004 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server 2025 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 11 v24H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Review the list of Current OpenStack Users | Tenable Best Practices OpenStack v2.0.0 | OpenStack | ACCESS CONTROL |
| Review the list of Current Rackspace Users | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Review the list of Rackspace Database Flavors | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONFIGURATION MANAGEMENT |
| SonicWALL - Security Services - Gateway AV - Activated | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - Gateway AV - FTP Outbound | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Security Services - IDP - Signature DB Present | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SQL6-D0-012700 - When updates are applied to SQL Server software, any software components that have been replaced or made unnecessary must be removed. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
