| 1.7 Ensure Software Update Deferment Is Less Than or Equal to 30 Days | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.6.1.1 Audit iCloud Configuration | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.13 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 7.1 (L1) Ensure the vSwitch Forged Transmits policy is set to reject | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-12-011300 - Apple iOS must implement the management setting: Disable Allow Shared Albums. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-13-011200 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-13-011200 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-15-011000 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011000 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-011000 - Apple iOS/iPadOS 17 must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-18-011000 - Apple iOS/iPadOS 18 must implement the management setting: disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-18-011000 - Apple iOS/iPadOS 18 must implement the management setting: disable Allow MailDrop. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ARST-L2-000020 - The Arista MLS layer 2 switch must uniquely identify all network-connected endpoint devices before establishing any connection. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Infrared (IR) support | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Infrared (IR) support | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Infrared (IR) support | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Infrared (IR) support | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable TouchID for Unlocking the Device | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL |
| Big Sur - Disable TouchID for Unlocking the Device | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Catalina - Disable Infrared (IR) support | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Infrared (IR) support | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Infrared (IR) support | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - The Internet Explorer Bind to Object functionality must be enabled. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - The Saved from URL mark must be selected to enforce Internet zone processing. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Add-on Management functionality must be allowed. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| DTOO132 - File Downloads must be configured for proper restrictions. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO133 - All automatic loading from Trusted Locations must be disabled. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO156 - Offline Mode capability to cache queries for offline mode must be configured. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| DTOO159 - Disabling of Fully Trusted Solutions access to computers must be configured. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| DTOO164 - Beaconing UI shown for opened forms must be configured. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO165 - Beaconing of UI forms with ActiveX controls must be enforced. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO168 - Disabling sending form templates with the email forms must be configured. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO169 - Disable dynamic caching of the form template in InfoPath eMail forms. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO170 - InfoPath 2003 forms as email forms in InfoPath 2013 must be disallowed. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO171 - Disabling email forms running in Restricted Security Level must be configured. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO172 - Disabling email forms from the Internet Security Zone must be configured. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO295 - InfoPath email forms in Outlook must be disallowed. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO296 - Disabling opening forms with managed code from the Internet security zone must be configured. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO309 - The InfoPath APTCA Assembly Allowable List must be enforced. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| DTOO323 - The Publisher Automation Security Level must be configured for high security. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO999-Pub13 - The version of Microsoft Publisher running on the system must be a supported version. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Disable Infrared (IR) support | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable TouchID for Unlocking the Device | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
