| 1.2.3 Ensure GPG keys are configured | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.3 Ensure GPG keys are configured | CIS Red Hat 6 Server L1 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.2 Set 'Specify use of ActiveX Installer Service for installation of ActiveX controls' to 'Enabled' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.8 (L1) Host must require TPM-based configuration encryption | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.13 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.3 Review Users, Groups, and Roles - Users list | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | ACCESS CONTROL |
| 8.3.4 Ensure templates are used whenever possible to deploy VMs | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.3.4 Use templates to deploy VMs whenever possible | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 10.2 Ensure BIND Processes Run in the named_t Confined Context Type | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | ACCESS CONTROL |
| 18.9.7.1.4 (L1) Ensure 'Display a custom message title when device installation is prevented by a policy setting' is set to 'Enabled: <Text>' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 18.9.85.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.90.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.90.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | ACCESS CONTROL |
| 18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | ACCESS CONTROL |
| 18.10.80.1 Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL |
| 18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL |
| 18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | ACCESS CONTROL |
| 18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL |
| 18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL |
| 18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 18.10.81.1 (L1) Ensure 'Allow user control over installs' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | ACCESS CONTROL |
| Allow Trusted Locations on the network - allownetworklocations - excel | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow Trusted Locations on the network - allownetworklocations - excel | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow Trusted Locations on the network - allownetworklocations - ms project | MSCT Office 2016 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow Trusted Locations on the network - allownetworklocations - powerpoint | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow Trusted Locations on the network - allownetworklocations - powerpoint | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow Trusted Locations on the network - allownetworklocations - visio | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow Trusted Locations on the network - allownetworklocations - word | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| AS24-U1-000710 - The Apache web server must use a logging mechanism that is configured to allocate log record storage capacity large enough to accommodate the logging requirements of the Apache web server. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000710 - The Apache web server must use a logging mechanism that is configured to allocate log record storage capacity large enough to accommodate the logging requirements of the Apache web server. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000710 - The Apache web server must use a logging mechanism that is configured to allocate log record storage capacity large enough to accommodate the logging requirements of the Apache web server. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000520 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS). | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| CISC-RT-000530 - The Cisco BGP router must be configured to reject outbound route advertisements for any prefixes belonging to the IP core. | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000530 - The Cisco BGP switch must be configured to reject outbound route advertisements for any prefixes belonging to the IP core. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure GPG keys are configured - apt-key list | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| FGFW-ND-000305 - The FortiGate device must only install patches or updates that are validated by the vendor via digital signature or hash. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| GEN002460 - The system must be checked weekly for unauthorized setgid files as well as unauthorized modification to authorized setgid files. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN002760-9 - The audit system must be configured to audit all administrative, privileged, and security actions - 'sched_setparam' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002760-10 - The audit system must be configured to audit all administrative, privileged, and security actions - 'sched_setscheduler' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| KNOX-07-012400 - The Samsung Android 7 with Knox must implement the management setting: Disable Allow New Admin Install. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| O112-P2-010800 - The DBMS software installation account must be restricted to authorized users. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-P2-010800 - The DBMS software installation account must be restricted to authorized users. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| SOL-11.1-020100 - The legacy remote network access utilities daemons must not be installed. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| vNetwork : limit-network-healthcheck | VMWare vSphere 6.0 Hardening Guide | VMware | |
