| 1.1.4.1.10 Ensure 'Protection From Zone Elevation' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.5.1.7 (L1) Ensure 'Mime Sniffing Safety Feature' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.5.8 Ensure DNS is servers are configured | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.9.3 Configure source interface for SNMP Traps | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT |
| 2.1.1.3.2.1.2 (L2) Ensure 'Disable all trusted locations' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.1.1.4.1.1 Ensure 'Underline hyperlinks' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.1.2 (L1) Ensure 'Ask to update automatic links' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.7.2.4.1 (L1) Ensure 'Allow Trusted Locations on the network' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.7.2 (L1) Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.13 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.18.3 Ensure 'Always require users to connect to verify permission' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.27.4 Ensure 'ActiveX Control Initialization' is set to 'Enabled: 6' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.31.2 (L1) Ensure 'Suppress external signature services menu item' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.31.2 Ensure 'Suppress external signature services menu item' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.1.2.4 Ensure 'Restrict level of calendar details users can publish' is set to 'Enabled: Disables Full details and Limited details' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.4.1 Ensure 'Add e-mail recipients to users' Safe Senders Lists' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.4.4 Ensure 'Trust e-mail from contacts' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.2.2.4 (L1) Ensure 'Set document behavior if file validation fails' is set to 'Unchecked: Do not allow edit' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.2.3.1 (L1) Ensure 'Allow Trusted Locations on the network' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.2.7 Ensure 'Trust Access to Visual Basic Project' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.3.2 (L2) Ensure 'Disable all trusted locations' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.3.2 Ensure 'Disable all trusted locations' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.3 Ensure 'Make hidden markup visible' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.1.1 Ensure cron daemon is enabled and active | CIS Debian 10 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.1.1 Ensure cron daemon is enabled and active | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 4.1.1.1 Ensure cron daemon is enabled and active | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 4.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.7.4 (L1) Ensure 'Configure RPC connection settings: Use authentication for outgoing RPC connections' is set to 'Enabled: Default' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.11.5.1 (L1) Ensure 'Do not preserve zone information in file attachments (User)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.4.3.1 Ensure nologin is not listed in /etc/shells | CIS Debian Linux 12 v1.1.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 18.1.1.2 (L1) Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.2 Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.5 (L1) Ensure 'Configure RPC listener settings: Protocols to allow for incoming RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.5 Ensure 'Configure RPC listener settings: Protocols to allow for incoming RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.7 (L1) Ensure 'Configure RPC over TCP port' is set to 'Enabled: 0' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| Configure NetBIOS settings - EnableNetbios | MSCT Windows Server 2025 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| NetBT NodeType configuration - NodeType | MSCT Windows Server 2025 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Prevent enabling lock screen camera - NoLockScreenCamera | MSCT Windows Server 2025 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Prevent enabling lock screen slide show - NoLockScreenSlideshow | MSCT Windows Server 2025 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
