| 1.2 Ensure 'host headers' are on all sites | CIS IIS 8.0 v1.5.1 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.1 Ensure 'Do not prompt to convert older databases' is set to Disabled | CIS Microsoft Office Access 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.6.2 Ensure 'Default File Format' is set to Enabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.4 Ensure 'Trust Access To Visual Basic Project' is set to Disabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.3 Ensure 'Turn Off File Validation' is set to Disabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.4 Ensure 'Force File Extension to Match File Type' is set to Enabled(Always match file type ) | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6 Ensure 'application pool identity' is configured for anonymous user identity | CIS IIS 8.0 v1.5.1 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.6.3 Ensure 'Make Hidden Markup Visible' is set to Enabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.7.1 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.12 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.13 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.1 Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.1 Ensure 'Prevent enabling lock screen camera' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.2 (L1) Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.2 Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.4.2 (L1) Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.4 Ensure 'Configure RPC connection settings: Use authentication for outgoing RPC connections' is set to 'Enabled: Default' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 18.7.11 Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 18.10.8.1.1 Ensure 'Configure enhanced anti-spoofing' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 18.10.14.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 19.7.4.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.9 (L1) Ensure 'System is used for single purpose' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 20.44 Ensure 'Orphaned security identifiers (SIDs) must be removed from user rights' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.65 Ensure 'The system must have the Roles and Features required for it documented' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| Add-on Management - outlook.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Add-on Management - winproj.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Add-on Management - winword.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow Trusted Locations on the network - allownetworklocations - visio | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow users to demote attachments to Level 2 | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt When accessing the Formula property of a UserProperty object | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when executing Save As | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Outlook object model prompt when sending mail | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Consistent Mime Handling - msaccess.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Consistent Mime Handling - mse7.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Consistent Mime Handling - pptview.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable user name and password - mse7.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Information Bar - powerpnt.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Information Bar - winproj.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Local Machine Zone Lockdown Security - exprwd.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Local Machine Zone Lockdown Security - onenote.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Local Machine Zone Lockdown Security - powerpnt.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Local Machine Zone Lockdown Security - winproj.exe | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| MS.AAD.6.1v1 - User passwords SHALL NOT expire. | CISA SCuBA Microsoft 365 Entra ID v1.5.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
| MS.EXO.5.1v1 - SMTP AUTH SHALL be disabled. | CISA SCuBA Microsoft 365 Exchange Online v1.5.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
| MS.EXO.12.2v1 - Safe lists SHOULD NOT be enabled. | CISA SCuBA Microsoft 365 Exchange Online v1.5.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
| MS.EXO.17.3v1 - Audit logs SHALL be maintained for at least the minimum duration dictated by OMB M-21-31 (Appendix C). | CISA SCuBA Microsoft 365 Exchange Online v1.5.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
| MS.TEAMS.1.3v1 - Anonymous users and dial-in callers SHOULD NOT be admitted automatically. | CISA SCuBA Microsoft 365 Teams v1.5.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
| MS.TEAMS.1.4v1 - Internal users SHOULD be admitted automatically. | CISA SCuBA Microsoft 365 Teams v1.5.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
| MS.TEAMS.1.7v1 - Record an event SHOULD be set to Organizer can record. | CISA SCuBA Microsoft 365 Teams v1.5.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
