| 1.1.1.1 Ensure cramfs kernel module is not available | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.4 Ensure overlay kernel module is not available | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.3.3 Ensure nosuid option set on /home partition | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.4.2 Ensure nodev option set on /var partition | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.5.4 Ensure noexec option set on /var/tmp partition | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION |
| 1.1.2.7.3 Ensure nosuid option set on /var/log/audit partition | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION |
| 1.2.1 Ensure GPG keys are configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.4 Ensure package manager repositories are configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4.1.3 Ensure SELinux policy is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.4.1.4 Ensure the SELinux mode is not disabled | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.4 Ensure fs.suid_dumpable is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.5.7 Ensure kernel.yama.ptrace_scope is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.10 Ensure systemd-coredump Storage is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.6.2 Ensure local login warning banner is configured properly | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.1 Ensure time synchronization is in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.2 Ensure chrony is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.5 Ensure dnsmasq services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.6 Ensure samba file server services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.10 Ensure nis server services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.3.1 Ensure ftp client is not installed | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure can kernel module is not available | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure sctp kernel module is not available | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.3 Ensure net.ipv4.conf.default.forwarding is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.8 Ensure net.ipv4.conf.all.accept_redirects is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.11 Ensure net.ipv4.conf.default.secure_redirects is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.12 Ensure net.ipv4.conf.all.rp_filter is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.13 Ensure net.ipv4.conf.default.rp_filter is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.16 Ensure net.ipv4.conf.all.log_martians is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.17 Ensure net.ipv4.conf.default.log_martians is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.18 Ensure net.ipv4.tcp_syncookies is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.2.1 Ensure net.ipv6.conf.all.forwarding is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.2.5 Ensure net.ipv6.conf.all.accept_source_route is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 4.10.9.1.1 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 BL | Windows | MEDIA PROTECTION |
| 5.1.1.2 Ensure access to /etc/crontab is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1.4 Ensure access to /etc/cron.daily is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1.5 Ensure access to /etc/cron.weekly is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1.8 Ensure access to crontab is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.2.1 Ensure access to /etc/ssh/sshd_config is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 18.9.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 BL | Windows | MEDIA PROTECTION |
| 18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | MEDIA PROTECTION |
| 18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| VM : disable-unexposed-features-getcreds | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-launchmenu | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
