| 1.5.2 Ensure address space layout randomization (ASLR) is enabled - sysctl | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.5.3 Ensure address space layout randomization (ASLR) is enabled - /etc/sysctl | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.3 Ensure address space layout randomization (ASLR) is enabled - /etc/sysctl.conf, /etc/sysctl.d/* | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.5.3 Ensure address space layout randomization (ASLR) is enabled - /etc/sysctl.conf, /etc/sysctl.d/* | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.5.3 Ensure address space layout randomization (ASLR) is enabled - config | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.5.3 Ensure address space layout randomization (ASLR) is enabled - sysctl | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.5.3 Ensure address space layout randomization (ASLR) is enabled - sysctl.conf sysctl.d | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.2 Ensure address space layout randomization (ASLR) is enabled - config | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.3 Ensure address space layout randomization (ASLR) is enabled - sysctl | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.6 Ensure 'Dynamic Data Exchange' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.3 Enable auditing - sp_configure 'auditing' | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | AUDIT AND ACCOUNTABILITY |
| 17.1.1 Ensure 'Audit Credential Validation' is set to 'Success and Failure' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.2 (L1) Ensure 'Audit Security Group Management' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 17.2.3 Ensure 'Audit Distribution Group Management' is set to include 'Success' (DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.3 (L1) Ensure 'Audit Logoff' is set to include 'Success' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.5.6 Ensure 'Audit Special Logon' is set to include 'Success' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | AUDIT AND ACCOUNTABILITY |
| 17.8.1 Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 17.8.1 Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.8.1 Ensure 'Audit Sensitive Privilege Use' is set to 'Success and Failure' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
| 18.2.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.2.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.3.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.3.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.3.5 Ensure 'WDigest Authentication' is set to 'Disabled' - Disabled | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.7 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.4.8 (L1) Ensure 'WDigest Authentication' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.4.1 (L1) Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.4.1 (L1) Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.4.1 (L1) Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 49.14 (L1) Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO239 - Outlook Security Mode must be configured to use Group Policy settings. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| OL6-00-000206 - The telnet-server package must not be installed. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000350 - Splunk Enterprise must enforce password complexity for the account of last resort by requiring that at least one numeric character be used. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| WINCC-000078 - EMET system-wide Address Space Layout Randomization (ASLR) must be enabled and configured to Application Opt In. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000080 - EMET Default Protections for Recommended Software must be enabled. - AcroRd32.exe | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000080 - EMET Default Protections for Recommended Software must be enabled. - OIS.EXE | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000081 - EMET Default Protections for Popular Software must be enabled. - *\opera.exe | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000081 - EMET Default Protections for Popular Software must be enabled. - chrome.exe | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000081 - EMET Default Protections for Popular Software must be enabled. - communicator.exe | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000081 - EMET Default Protections for Popular Software must be enabled. - googletalk.exe | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000081 - EMET Default Protections for Popular Software must be enabled. - iTunes.exe | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000081 - EMET Default Protections for Popular Software must be enabled. - opera.exe | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000081 - EMET Default Protections for Popular Software must be enabled. - winzip32.exe | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000081 - EMET Default Protections for Popular Software must be enabled. - WLXPhotoGallery.exe | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINCC-000082 - EMET system-wide Data Execution Prevention (DEP) must be enabled and configured to at least Application Opt Out. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
