| 1.2.1 Ensure the container host has been Hardened | CIS Docker v1.7.0 L1 Docker - Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.8 Ensure the System is Managed by a Mobile Device Management (MDM) Software | CIS Apple macOS 15.0 Sequoia v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.8 Ensure the System is Managed by a Mobile Device Management (MDM) Software | CIS Apple macOS 14.0 Sonoma v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.9 Ensure the System is Managed by a Mobile Device Management (MDM) Software | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.1.1 Backup Policy in Place | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | CONTINGENCY PLANNING |
| 2.1.2 Verify Backups are Good | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | CONTINGENCY PLANNING |
| 2.5.6 Ensure Limit Ad Tracking Is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5.6 Ensure Limit Ad Tracking Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.6.1.4 Audit Find My Mac | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.14 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled' | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.7 Ensure the 'secure_file_priv' is Configured Correctly | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2 Ensure 'FILE' is Not Granted to Non-Administrative Users | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | ACCESS CONTROL |
| 5.9 Ensure DML/DDL Grants are Limited to Specific Databases and Users | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1 Ensure 'log_error' is configured correctly | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.5 Ensure the Audit Plugin Can't be Unloaded | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 7.1 Disable use of the mysql_old_password plugin | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.7 Ensure Advertising Privacy Protection in Safari Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure strong authentication is utilized for all accounts | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 8.2 Ensure 'ssl_type' is Set to 'ANY', 'X509', or 'SPECIFIED' for All Remote Users | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3 Set Maximum Connection Limits for Server and per User | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1 Ensure Replication Traffic is Secured | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2 Ensure 'MASTER_SSL_VERIFY_SERVER_CERT' is enabled | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| 9.3 Ensure 'super_priv' is Not Set to 'Y' for Replication Users | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | ACCESS CONTROL |
| 9.5 Ensure mutual TLS is enabled | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| AIOS-02-090103 - Apple iOS device must have the latest available iOS operating system installed. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-10-080103 - Apple iOS must implement the management setting: not allow user to remove profiles that enforce DoD security requirements. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-010900 - Apple iOS must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-011400 - Apple iOS device must have the latest available iOS operating system installed. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-011400 - Apple iOS device must have the latest available iOS operating system installed. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-13-011900 - Apple iOS/iPadOS must implement the management setting: not share location data through iCloud. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL |
| AIOS-14-010100 - Apple iOS/iPadOS must implement the management setting: not share location data through iCloud. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL |
| AIOS-14-011900 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011700 - Apple iOS/iPadOS 15 must implement the management setting: not share location data through iCloud. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-011700 - Apple iOS/iPadOS 16 must implement the management setting: Not share location data through iCloud. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-011700 - Apple iOS/iPadOS 17 must implement the management setting: not share location data through iCloud. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DOD security requirements. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DOD security requirements. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| APPL-14-002210 The macOS system must disable sending Siri and Dictation information to Apple. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002050 - The macOS system must disable Screen Sharing and Apple Remote Desktop. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
| APPL-15-002210 - The macOS system must disable sending Siri and Dictation information to Apple. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Disable Sending Siri and Dictation Information to Apple | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Disable Sending Siri and Dictation Information to Apple | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Disable Sending Siri and Dictation Information to Apple | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Disable Sending Siri and Dictation Information to Apple | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Disable Sending Siri and Dictation Information to Apple | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce Enrollment in Mobile Device Management | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Enforce Enrollment in Mobile Device Management | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Disable Sending Siri and Dictation Information to Apple | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Disable Sending Siri and Dictation Information to Apple | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
