| 1.3.1 Pre-authentication Banner | CIS Cisco NX-OS v1.2.0 L1 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.4.1 Enable Password Complexity Requirements for Local Credentials | CIS Cisco NX-OS v1.2.0 L1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 1.7.2 Disable iPXE (Pre-boot eXecution Environment) | CIS Cisco NX-OS v1.2.0 L2 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.8 (L2) Host integrated hardware management controller must secure authentication | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | ACCESS CONTROL |
| 1.9.3 Configure source interface for SNMP Traps | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT |
| 1.9.4 Ensure Read Write privileges are not configured for SNMP | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.10 (L2) Host hardware must enable Intel SGX, if available | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.12 (L2) Host integrated hardware management controller must deactivate internal networking | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 2.3.24.2 Ensure 'Remove Office Presentation Service from the list of online presentation services in PowerPoint and Word' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L2 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5 (L1) Host must only run binaries delivered via signed VIB | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6.6.7 Ensure 'Unblock automatic download of linked images' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8.4.1.4 Ensure 'VBA Macro Notification Settings' is set to 'Enabled: Disable all except digitally signed macros' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.8.4.2 Ensure 'Publisher Automation Security Level' is set to 'Enabled: By UI (prompted)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 (L1) Host must not suppress warnings about unmitigated hyperthreading vulnerabilities | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 2.10 (L1) Host must restrict inter-VM transparent page sharing | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.11.8.7.2.3.2 Ensure 'Disable all trusted locations' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.3.1 Set Interfaces with no Peers to Passive-Interface | CIS Cisco NX-OS v1.2.0 L1 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.1.4.2 Create and use a single Loopback Address for Routing Protocol Peering | CIS Cisco NX-OS v1.2.0 L2 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.1.4.3 Use Unicast Routing Protocols Only | CIS Cisco NX-OS v1.2.0 L2 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.2.5 Disable IP Source-Routing | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | ACCESS CONTROL |
| 3.4 (L1) Host must deactivate SLP | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 3.4.1 Configure LLDP | CIS Cisco NX-OS v1.2.0 L1 | Cisco | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Configure CDP | CIS Cisco NX-OS v1.2.0 L2 | Cisco | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5 (L1) Host must deactivate CIM | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 3.6 (L1) Host should deactivate SNMP | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 3.25 (L1) Host must display a login banner for SSH connections | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.4 (L1) Host must set the logging informational level to info | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 4.11 (L1) Host must use strict x509 verification for TLS-enabled remote logging endpoints | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 5.3 (L1) Host must restrict use of the dvFilter network API | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.8 (L1) Host should reject promiscuous mode requests on standard virtual switches and port groups | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.9 (L1) Host must restrict access to a default or native VLAN on standard virtual switches | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.10 (L1) Host must restrict the use of Virtual Guest Tagging (VGT) on standard virtual switches | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.1 (L1) Host must isolate storage communications | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 6 v1.2.0 L2 MongoDB | Unix | CONFIGURATION MANAGEMENT |
| 6.5.1 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated ciphers | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.5.2 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated cryptographic modules | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.5.3 (L1) Host SSH daemon, if enabled, must not allow use of gateway ports | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.5.6 (L1) Host SSH daemon, if enabled, must set a timeout interval on idle sessions | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.9 (L1) Host SSH daemon, if enabled, must disable stream local forwarding | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.12 (L1) Host SSH daemon, if enabled, must not permit user environment settings | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 7.7 (L1) Virtual machines must limit PCI/PCIe device passthrough functionality | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 7.11 (L1) Virtual machines must remove unnecessary AHCI devices | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 7.19 (L1) Virtual machines must deactivate console paste operations | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4 (L2) VMware Tools on deployed virtual machines must prevent being recustomized | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 8.12 (L1) VMware Tools must limit the use of MSI transforms when reconfiguring VMware Tools | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.13 (L1) VMware Tools must enable VMware Tools logging | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| CIS_Apache_Tomcat_8_L1_v1.1.0.audit from CIS Apache Tomcat 8 Benchmark | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | |
| CIS_IBM_DB2_9_Benchmark_v3.0.1_Level_2_OS_Windows.audit from CIS IBM DB2 9 Benchmark v3.0.1 | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | |
| CIS_VMware_ESXi_6.5_v1.0.0_L1_Bare_Metal.audit from CIS VMware ESXi 6.5 v1.0.0 benchmark | CIS VMware ESXi 6.5 v1.0.0 Level 2 Bare Metal | Unix | |
