| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 7 v1.2.0 L1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2.4.7.2.2.2 Ensure 'Dif and Sylk files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.4 Ensure 'Excel 2 worksheets' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.5 Ensure 'Excel 3 macrosheets and add-in files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.7 Ensure 'Excel 4 macrosheets and add-in files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.9 Ensure 'Excel 4 worksheets' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.3.1 Ensure 'Always open untrusted database files in Protected View' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.6 Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.8 Ensure 'Macro Notification Settings' is set to 'Enabled: Disable VBA macros except digitally signed macros' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.18.1 Ensure 'Allow users with earlier versions of Office to read with browsers...' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL |
| 2.3.18.3 Ensure 'Always require users to connect to verify permission' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.25.1.1 Ensure 'Allow users to submit feedback to Microsoft' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.25.1.4 Ensure 'Enable Customer Experience Improvement Program' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.27.4 Ensure 'ActiveX Control Initialization' is set to 'Enabled: 6' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.27.10 Ensure 'Disable all Trust Bar notifications for security issues' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.27.15 Ensure 'Load Controls in Forms3' is set to 'Enabled: 4' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.27.18 Ensure 'Protect document metadata for rights managed Office Open XML Files' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.31.2 Ensure 'Suppress external signature services menu item' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.1.2.1 Ensure 'Authentication with Exchange server' is set to 'Enabled: Kerberos Password Authentication' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.6.1 Ensure 'Download full text of articles as HTML attachments' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.1.6.2 Ensure 'Synchronize Outlook RSS Feeds with Common Feed List' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.9.2.1 Ensure 'PST Null Data on Delete' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | MEDIA PROTECTION |
| 2.5.10.8.1.2.4 Ensure 'Restrict level of calendar details users can publish' is set to 'Enabled: Disables Full details and Limited details' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.4.1 Ensure 'Add e-mail recipients to users' Safe Senders Lists' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.4.2 Ensure 'Hide Junk Mail UI' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.10.8.4.4 Ensure 'Trust e-mail from contacts' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.11.1 Ensure 'Turn off Outlook Social Connector' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.1.3 Ensure 'Display pictures and external content in HTML e-mail' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.2.1.2 Ensure 'Missing CRLs' is set to 'Enabled: Error' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.5.14.2.2 Ensure 'Do not display 'Publish to GAL' button' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.14.2.3 Ensure 'Do not provide Continue option on Encryption warning dialog boxes' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.1.2 Ensure 'Display Level 1 attachments' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.1.4 Ensure 'Do not prompt about Level 1 attachments when sending an item' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.2.2 Ensure 'Set Outlook object model custom actions execution prompt' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.3.2 Ensure 'Configure Outlook object model prompt when accessing an address book' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.3.4 Ensure 'Configure Outlook object model prompt when executing Save As' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.3.5 Ensure 'Configure Outlook object model prompt when reading address information' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.3.7 Ensure 'Configure Outlook object model prompt when sending mail' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.5 Ensure 'Allow Active X One Off Forms' is set to 'Enabled: Load only Outlook Controls' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.2.2.1 Ensure 'Do not open files from the Internet zone in Protected View' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.2.2.5 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.2.5 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6.6.2.7 Ensure 'Trust Access to Visual Basic Project' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.4 Ensure 'Run Programs' is set to 'Enabled: disable (don't run any programs)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.7 Ensure 'Unblock automatic download of linked images' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8.4.1.4 Ensure 'VBA Macro Notification Settings' is set to 'Enabled: Disable all except digitally signed macros' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.8.4.2 Ensure 'Publisher Automation Security Level' is set to 'Enabled: By UI (prompted)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Ensure that role-based access control is enabled and configured appropriately | CIS MongoDB 7 v1.2.0 L1 MongoDB | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 7 v1.2.0 L2 Unix | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 7.2 Ensure appropriate database file permissions are set. | CIS MongoDB 7 v1.2.0 L1 Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
