| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only) | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Debug Level Daemon Logging - Check if daemon.debug is set to /var/log/connlog | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Capture syslog AUTH Messages - Check if auth.info is set to var/log/authlog | CIS Solaris 10 L1 v5.2 | Unix | |
| 4.9 Enable Kernel Level Auditing - Check audit condition is set to auditing | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.12 Set EEPROM Security Mode and Log Failed Access - SPARC only. Should *not* be 'security-mode=none'. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.3 Set Strong Password Creation Policies - Check HISTORY is set to 10 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/.login. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is not set to default string. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is set appropriately. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| AADC-CL-000990 - Adobe Acrobat Pro DC Classic periodic downloading of Adobe European certificates must be disabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CL-001310 - The Adobe Acrobat Pro DC Classic Welcome Screen must be disabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| ARDC-CL-000055 - Adobe Reader DC must disable the Adobe Send and Track plugin for Outlook. | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| ARDC-CL-000065 - Adobe Reader DC must disable Cloud Synchronization. | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| ARDC-CN-000010 - Adobe Reader DC must enable Enhanced Security in a Browser. | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Excel 97-2003 workbooks and templates | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| TCAT-AS-000690 - LDAP authentication must be secured. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| Visio 2003-2010 Binary Drawings Templates and Stencils | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Visio 2003-2010 Binary Drawings, Templates and Stencils | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Visio 2003-2010 Binary Drawings, Templates and Stencils | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Visio 2003-2010 Binary Drawings, Templates and Stencils | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Web pages and Excel 2003 XML spreadsheets | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Web pages and Excel 2003 XML spreadsheets | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Web pages and Excel 2003 XML spreadsheets | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN10-00-000160 - The Server Message Block (SMB) v1 protocol must be disabled on the system. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN10-00-000165 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN10-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000160 - The Server Message Block (SMB) v1 protocol must be disabled on the system. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000165 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000160 - The Server Message Block (SMB) v1 protocol must be disabled on Windows 2012 R2. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000160 - The Server Message Block (SMB) v1 protocol must be disabled on Windows 2012 R2. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - LanManWorkstation | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - LanManWorkstation | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - mrxsmb10 | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - mrxsmb10 | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| Word 2003 binary documents and templates | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Word 2003 binary documents and templates | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
