| 2.5.7 Monitor Location Services Access | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6.7 Monitor Location Services Access | CIS Apple macOS 10.12 L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.11 Java 6 is not the default Java runtime | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.14 Ensure only strong MAC algorithms are used | CIS Debian 10 Server L1 v2.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure the latest iOS device architecture is used by high-value targets | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L2 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.5 Ensure the latest iOS device architecture is used by high-value targets | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L2 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.5 Ensure the latest iOS device architecture is used by high-value targets | MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L2 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.5 Ensure the latest iOS device architecture is used by high-value targets | AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L2 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.11 Ensure only approved MAC algorithms are used | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.11 Ensure only approved MAC algorithms are used | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.13 Ensure only strong MAC algorithms are used | CIS Debian Family Server L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.13 Ensure only strong MAC algorithms are used | CIS Debian Family Workstation L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.14 Ensure only strong MAC algorithms are used | CIS Debian 8 Workstation L1 v2.0.2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.14 Ensure only strong MAC algorithms are used | CIS Debian 9 Server L1 v1.0.1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.17 Ensure only strong MAC algorithms are used | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Debian Linux 12 v1.1.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.4.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Debian Linux 11 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 (L1) Ensure the vSwitch MAC Address Change policy is set to reject | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure the vSwitch MAC Address Change policy is set to reject | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Disable Apple ID Setup during Setup Assistant | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Apple ID Setup during Setup Assistant | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Apple ID Setup during Setup Assistant | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Power Nap | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Disable Remote Apple Events | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Remote Apple Events | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Remote Apple Events | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable the System Preference Pane for Apple ID | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable the System Preference Pane for Apple ID | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Apple ID Setup during Setup Assistant | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Apple ID Setup during Setup Assistant | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Power Nap | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Disable Remote Apple Events | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable the System Preference Pane for Apple ID | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| CISC-RT-000720 - The Cisco PE router must be configured to limit the number of MAC addresses it can learn for each Virtual Private LAN Services (VPLS) bridge domain. | DISA Cisco IOS XR Router RTR STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI5-VMNET-000013 - The system must ensure that the virtual switch Forged Transmits policy is set to reject. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VMNET-000014 - The system must ensure that the dvPortgroup Forged Transmits policy is set to reject. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| Monterey - Disable Apple ID Setup during Setup Assistant | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Power Nap | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Disable Remote Apple Events | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Remote Apple Events | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable the System Preference Pane for Apple ID | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable the System Preference Pane for Apple ID | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable the System Preference Pane for Apple ID | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable the System Preference Pane for Apple ID | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
