| 1.1.3.2.1.1 Ensure 'Allow Trusted Locations on the network' is set to Disabled | CIS Microsoft Office Access 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.3.1 Ensure 'Allow Trusted Locations on The Network' to Disabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.3.1 Ensure 'Allow Trusted Locations on The Network' to Disabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.5.6 Create an 'access-list' for use with SNMP - 'SNMP permit secured by ACL' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.7.2.3.1 Ensure 'Allow Trusted Locations on the Network' is set to Disabled | CIS Microsoft Office Word 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.1.1 Ensure a 'Consent Message' has been 'Configured' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.1.1 Ensure a 'Consent Message' has been 'Configured' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.1.1 Ensure a 'Consent Message' has been 'Configured' | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Review Users, Groups, and Roles - Groups list | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL |
| 4.3.8 Ensure nftables default deny firewall policy | CIS Debian Linux 12 v1.1.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.8 Ensure nftables default deny firewall policy | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.8 Ensure nftables default deny firewall policy | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure all HTTP Header Logging options are enabled - Log Container Page | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 18.7.9 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.9 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.9 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.9 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.9 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| AIOS-18-015000 - Apple iOS/iPadOS 18 must disable app installation from a website. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015000 - Apple iOS/iPadOS 18 must disable app installation from a website. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| Allow Trusted Locations on the network - access | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS). | DISA Cisco IOS XE Router RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| CISC-RT-000520 - The Cisco BGP switch must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS). | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000520 - The Cisco BGP switch must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS). | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| EX16-ED-000570 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000238 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002400 - The system must be checked weekly for unauthorized setuid files, as well as, unauthorized modification to authorized setuid files. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-019900 - Oracle Database must, for password-based authentication, require immediate selection of a new password upon account recovery. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v21H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server 2019 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Review the list of Ports and their details | Tenable Best Practices OpenStack v2.0.0 | OpenStack | CONFIGURATION MANAGEMENT |
| SOL-11.1-020120 - The pidgin IM client package must not be installed. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020130 - The FTP daemon must not be installed unless required. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020130 - The FTP daemon must not be installed unless required. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020150 - The telnet service daemon must not be installed unless required. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| Windows Firewall: Prohibit notifications | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Firewall: Prohibit notifications | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Firewall: Prohibit notifications | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
