| 2.2.24 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only) | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.25 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only) | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.26 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.26 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only) | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.27 (L1) Ensure 'Deny log on through Remote Desktop Services' is set to 'Guests, Local account' (MS only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.27 (L1) Ensure 'Deny log on through Remote Desktop Services' is set to 'Guests, Local account' (MS only) | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.34 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' (DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.3.8.1 Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.9.3 Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.9.3 Ensure 'Microsoft network server: Digitally sign communications (if client agrees)' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 3.2.1 Restrict Recursive Queries | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Configure Solaris Auditing - active audit policies = argv,cnt,zonename | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit condition = auditing | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile (active) | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured non-attributable flags = lo | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 5.5 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Not Installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 5.007 - An approved, up-to-date, DoD antivirus program must be installed and used. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.23 (L1) Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.24 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Disabled' or 'Not Installed' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.24 Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Disabled' or 'Not Installed' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.044 - Terminal Services is configured to use a common temporary folder for all sessions. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.6.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.6.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.5.1 (L2) Ensure 'Enable Font Providers' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v3.0.1 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.6.5.1 Ensure 'Enable Font Providers' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.66.1 (L2) Ensure 'Disable all apps from Microsoft Store' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.10.66.1 (L2) Ensure 'Disable all apps from Microsoft Store' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.66.1 (L2) Ensure 'Disable all apps from Microsoft Store' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.66.1 (L2) Ensure 'Disable all apps from Microsoft Store' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 19.6.6.1.1 (L1) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 19.6.6.1.1 (L2) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Windows Server 2012 DC L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 19.6.6.1.1 (L2) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 19.6.6.1.1 (L2) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 19.6.6.1.1 (L2) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 19.6.6.1.1 (L2) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Windows Server 2012 R2 DC L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 19.6.6.1.1 Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 19.6.6.1.1 Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 19.6.6.1.1 Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 80.1 (L2) Ensure 'Allow Font Providers' is set to 'Not allowed' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 80.1 (L2) Ensure 'Allow Font Providers' is set to 'Not allowed' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DISA_STIG_Splunk_Enterprise_7.x_for_Windows_OS_v3r1.audit from DISA Splunk Enterprise 7.x for Windows v3r1 STIG | DISA STIG Splunk Enterprise 7.x for Windows v3r1 OS | Windows | |
| WBLC-08-000236 - Oracle WebLogic must protect against or limit the effects of HTTP types of Denial of Service (DoS) attacks. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000024 - Device driver searches using Windows Update must be prevented. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
