| 1.3.1 Ensure 'Minimum Password Complexity' is enabled | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 1.3.1 Ensure 'Minimum Password Complexity' is enabled | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.27 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.30 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.31 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.32 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.32 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS' (MS only) | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.37 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.41 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.41 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.42 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.42 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS' (MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure detailed logging is enabled | CIS NGINX Benchmark v2.1.0 L1 Loadbalancer | Unix | AUDIT AND ACCOUNTABILITY |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.6.19.2.1 (L2) Disable IPv6 (Ensure TCPIP6 Parameter 'DisabledComponents' is set to '0xff (255)') | CIS Microsoft Windows Server 2019 v4.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| CIS_Apache_HTTP_Server_2.4_v2.2.0_L1.audit from CIS Apache HTTP Server 2.4 Benchmark v2.2.0 | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | |
| CIS_Apple_macOS_10.15_Catalina_v3.0.0_L2.audit from CIS Apple macOS 10.15 Catalina Benchmark v3.0.0 | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | |
| CIS_Apple_macOS_14.0_Sonoma_v2.1.0_L1.audit from CIS Apple macOS 14.0 Sonoma Benchmark v2.1.0 | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | |
| CIS_Apple_macOS_15.0_Sequoia_v1.1.0_L1.audit from CIS Apple macOS 15.0 Sequoia Benchmark v1.1.0 | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | |
| CIS_Apple_macOS_15.0_Sequoia_v1.1.0_L2.audit from CIS Apple macOS 15.0 Sequoia Benchmark v1.1.0 | CIS Apple macOS 15.0 Sequoia v1.1.0 L2 | Unix | |
| CIS_Fedora_28_Family_Linux_Server_L1_v2.0.0.audit from CIS Fedora 28 Family Linux Benchmark v2.0.0 | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | |
| CIS_Fedora_28_Family_Linux_Server_L1_v2.0.0.audit from CIS Fedora 28 Family Linux Benchmark v2.0.0 | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | |
| CIS_Google_Container-Optimized_OS_v1.2.0_L2_Server.audit from CIS Google Container-Optimized OS Benchmark v1.2.0 | CIS Google Container-Optimized OS v1.2.0 L2 Server | Unix | |
| CIS_Google_Kubernetes_Engine_GKE_v1.7.0_L1.audit from CIS Google Kubernetes Engine (GKE) Benchmark v1.7.0 | CIS Google Kubernetes Engine (GKE) v1.7.0 L1 | Unix | |
| CIS_Microsoft_Exchange_Server_2013_Level_1_Mailbox_v1.1.0.audit from CIS Microsoft Exchange Server 2013 v1.1.0 Benchmark | CIS Microsoft Exchange Server 2013 Mailbox v1.1.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Microsoft_Intune_for_Office_v1.1.0_L1.audit from CIS Microsoft Intune for Office Benchmark v1.1.0 | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | |
| CIS_Microsoft_Windows_10_Enterprise_v4.0.0_L2.audit from CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 | Windows | |
| CIS_Microsoft_Windows_11_Enterprise_v4.0.0_L1.audit from CIS Microsoft Windows 11 Enterprise Benchmark v4.0.0 | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | |
| CIS_Microsoft_Windows_Server_2016_STIG_v3.0.0_L1_MS.audit from CIS Microsoft Windows Server 2016 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | |
| CIS_Microsoft_Windows_Server_2016_STIG_v3.0.0_L2_DC.audit from CIS Microsoft Windows Server 2016 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DC | Windows | |
| CIS_Microsoft_Windows_Server_2016_STIG_v3.0.0_L2_MS.audit from CIS Microsoft Windows Server 2016 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MS | Windows | |
| CIS_Microsoft_Windows_Server_2022_STIG_v2.0.0_L2_Member_Server.audit from CIS Microsoft Windows Server 2022 STIG Benchmark v2.0.0 | CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member Server | Windows | |
| CIS_MS_Office_Word_2013_v1.1.0.audit from CIS Microsoft Office Word 2013 Benchmark v1.1.0 | CIS Microsoft Office Word 2013 v1.1.0 | Windows | |
| CIS_MySQL_5.6_Community_Benchmark_v2.0.0_OS_MS_L1.audit from CIS Oracle MySQL 5.6 Community Edition Benchmark | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | |
| CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_OS_UNIX_L2.audit from CIS Oracle MySQL 5.6 Enterprise Edition Benchmark | CIS MySQL 5.6 Enterprise Linux OS L2 v2.0.0 | Unix | |
| CIS_Red_Hat_Enterprise_Linux_7_v4.0.0_L2_Workstation.audit from CIS Red Hat Enterprise Linux 7 Benchmark v4.0.0 | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Workstation | Unix | |
| CIS_Red_Hat_Enterprise_Linux_9_v2.0.0_L1_Workstation.audit from CIS Red Hat Enterprise Linux 9 Benchmark v2.0.0 | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | |
| DISA_STIG_IIS_10.0_Web_Server_v2r10.audit from DISA Microsoft IIS 10.0 Server v2r10 STIG | DISA IIS 10.0 Server v2r10 | Windows | |
| DISA_STIG_IIS_10.0_Web_Server_v3r3.audit from DISA Microsoft IIS 10.0 Server v3r3 STIG | DISA IIS 10.0 Server v3r3 | Windows | |
| DISA_STIG_IIS_10.0_Web_Site_v2r11.audit from DISA Microsoft IIS 10.0 Site v2r11 STIG | DISA IIS 10.0 Site v2r11 | Windows | |
| EX13-CA-000040 - Exchange must have IIS map client certificates to an approved certificate server. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | ACCESS CONTROL |
