| 1.1 Ensure Latest SQL Server Cumulative and Security Updates are Installed | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 1.1 Ensure Latest SQL Server Cumulative and Security Updates are Installed | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 1.2 Ensure Single-Function Member Servers are Used | CIS SQL Server 2012 Database L1 OS v1.6.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5 Do not use the aufs storage driver | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 2.5 Do not use the aufs storage driver | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 2.5 Ensure aufs storage driver is not used | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 2.7 Do not use the aufs storage driver | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 2.11 Ensure SQL Server is configured to use non-standard ports | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11 Ensure SQL Server is configured to use non-standard ports | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.11 Ensure SQL Server is configured to use non-standard ports | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| 3.5 Ensure the SQL Server's MSSQL Service Account is Not an Administrator | CIS SQL Server 2012 Database L1 OS v1.6.0 | Windows | ACCESS CONTROL |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Java' Packages | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Java' Packages | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Java' Packages - Java Packages | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Java' Packages - Java Packages | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Java" Packages | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1.4 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Java" Packages | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.4 Ensure That the Cloud SQL Database Instance Requires All Incoming Connections To Use SSL | CIS Google Cloud Platform v3.0.0 L1 | GCP | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Android Compliance Policy - Password expiration (days) | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Android Compliance Policy - Require a password to unlock mobile devices | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Android Device Configuration - Camera | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Android Device Configuration - Google account auto sync | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Android Device Configuration - Password | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Android Work Profile Device Configuration - Maximum minutes of inactivity until work profile locks | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL |
| Android Work Profile Device Configuration - Required password type | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| iOS Compliance Policy - Device Threat Level | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL |
| iOS Compliance Policy - Jailbroken devices | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Compliance Policy - Maximum minutes after screen lock before password is required | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL |
| SQL4-00-012200 - SQL Server must produce Trace or Audit records containing sufficient information to establish the outcome (success or failure) of the events - success/failure of the events. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-016830 - SQL Server must have the Data Quality Client software component removed if it is unused. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| SQL4-00-016850 - SQL Server must have the Management Tools software component removed if it is unused. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| SQL6-D0-010000 - Access to database files must be limited to relevant processes and to authorized, administrative users. | DISA STIG SQL Server 2016 Instance OS Audit v3r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Windows Compliance Policy - Block USB debugging on device | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Windows Compliance Policy - Maximum minutes of inactivity before password is required | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL |
| Windows Compliance Policy - Number of previous passwords to prevent reuse | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Windows Compliance Policy - Require a password to unlock mobile devices | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Windows Device Configuration - Behavior monitoring | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
| Windows Device Configuration - Camera | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Windows Device Configuration - End-user access to Defender | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Windows Device Configuration - Geolocation | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Windows Device Configuration - Network and Internet | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Windows Device Configuration - NFC | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
