| 1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.4 Ensure 'Minimum password length' is set to '14 or more character(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.6 Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2.29 (L2) Configure 'Log on as a service' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.29 (L2) Ensure 'Log on as a service' is configured | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.29 (L2) Ensure 'Log on as a service' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.29 (L2) Ensure 'Log on as a service' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.5 Verify that docker.socket file ownership is set to root:root | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.4 Ensure 'HomeGroup Provider (HomeGroupProvider)' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.2.3 Ensure all users' home directories exist | CIS Debian Family Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.3 Ensure all users' home directories exist | CIS Debian Family Workstation L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.4 Ensure all users' home directories exist | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.4 Ensure all users' home directories exist | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.8 Ensure all users' home directories exist | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.8 Ensure all users' home directories exist | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.8 Ensure all users' home directories exist | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.8 Ensure all users' home directories exist | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.9 Ensure all users' home directories exist | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.9 Ensure all users' home directories exist | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.11 Ensure all users' home directories exist | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.2.11 Ensure all users' home directories exist | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.11 Ensure all users' home directories exist | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.11 Ensure all users' home directories exist | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.11 Ensure all users' home directories exist | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.11 Ensure all users' home directories exist - such as /home or an equivalent. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 7.1 Set Password Expiration Parameters on Active Accounts - logins | CIS Solaris 11.1 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.1 Set Password Expiration Parameters on Active Accounts - MINWEEKS = 1 | CIS Solaris 11 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.1 Set Password Expiration Parameters on Active Accounts - WARNWEEKS = 4 | CIS Solaris 11 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 8.3.30 Set 'Use SmartScreen Filter' to 'Enabled:Enable' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 8.6.1 Set 'Use SmartScreen Filter' to 'Enabled:Enable' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.11.2.9 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Store recovery passwords and key packages' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, CONTINGENCY PLANNING |
| 18.10.9.1.11 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.10.1.11 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.10.1.11 (BL) Ensure 'Configure use of passwords for fixed data drives' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.10.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.10.3.11 (BL) Ensure 'Configure use of passwords for removable data drives' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| KNOX-07-001100 - The Samsung Android 7 with Knox must be configured to enforce an application installation policy. Disable Google Play. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-001200 - The Samsung Android 7 with Knox must be configured to enforce an application installation policy. Disable unknown sources. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-001200 - The Samsung Android 7 with Knox must be configured to enforce an application installation policy. Disable unknown sources. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-012300 - The Samsung Android 7 with Knox must implement the management setting: Install DoD root and intermediate PKI certificates. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-013000 - The Samsung Android 7 with Knox must implement the management setting: Enable Certificate Revocation Status (CRL) Check. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-913500 - The Samsung Android 7 with Knox must be configured to disable sharing of contact information outside the Container. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| MS.TEAMS.5.3v1 - Agencies SHOULD only allow installation of custom apps approved by the agency. | CISA SCuBA Microsoft 365 Teams v1.5.0 | microsoft_azure | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND INFORMATION INTEGRITY |
| OL07-00-040110 - The Oracle Linux 7 operating system must implement DoD-approved encryption to protect the confidentiality of SSH connections. | DISA Oracle Linux 7 STIG v3r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL |
| WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
| WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL |
