| 1.3 Secure DNS service operating platform | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 1.4 Verify Security of Forwarding Partners | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 1.11 Ensure 'Unknown sources' is set to Disabled | AirWatch - CIS Google Android 7 v1.0.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.1.4.1 Ensure cloud storage is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | |
| 3.4.2 Ensure 'Require alphanumeric value' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L2 Institutionally Owned | MDM | IDENTIFICATION AND AUTHENTICATION |
| 5.2 Protecting Backups | CIS IBM DB2 v10 v1.1.0 Database Level 1 | IBM_DB2DB | |
| 5.2 Protecting Backups | CIS IBM DB2 v10 v1.1.0 Database Level 2 | IBM_DB2DB | |
| 5.2 Protecting Backups | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 5.2 Set 'Check for server certificate revocation' to 'Enabled' | CIS IE 11 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 7.1 Secure SYSADM authority - SYSADM Group | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | ACCESS CONTROL |
| 8.2 (L1) VMware Tools must have all software updates installed | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 9.1 Start and Stop DB2 Instance | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 18.7.9 (L2) Ensure 'Configure Windows protected print' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.9 (L2) Ensure 'Configure Windows protected print' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-18-015100 - Apple iOS/iPadOS 18 must delete eSIM content when the device is erased. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | MEDIA PROTECTION |
| Check for server certificate revocation | MSCT Windows Server v1909 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows Server v2004 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows Server 2016 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows 10 v2004 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows 10 1803 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows 10 v21H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows 10 v1507 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows Server 2022 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows Server v20H2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows 10 1909 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows 10 v20H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows 10 v22H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows Server 2025 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for server certificate revocation | MSCT Windows 11 v24H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Check for signatures on downloaded programs | MSCT Windows Server 2016 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Check for signatures on downloaded programs | MSCT Windows Server 2022 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Check for signatures on downloaded programs | MSCT Windows Server 1903 MS v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Check for signatures on downloaded programs | MSCT Windows Server v1909 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| GEN000520 - The root user must not own the logon session for an application requiring a continuous display. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN008480-ESXI5-000122 - The system must have USB Mass Storage disabled unless needed. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| Limits print driver installation to Administrators - RestrictDriverInstallationToAdministrators | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Limits print driver installation to Administrators - RestrictDriverInstallationToAdministrators | MSCT Windows Server 2025 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-024500 - The Service Master Key must be backed up, stored offline and off-site. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-024500 - The Service Master Key must be backed up, stored offline and off-site. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| User Authentication Security - Local Authentication - Use a strong password that complies with your organization's password policy | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
| VCENTER-000022 - Network access to the vCenter Server system must be restricted. | DISA STIG VMWare ESXi vCenter 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-70-000285 - The vCenter Server must restrict access to cryptographic permissions. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-70-000291 - The vCenter Server must limit membership to the 'TrustedAdmins' Single Sign-On (SSO) group. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000274 - The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000020 - The vCenter Server must not configure all port groups to VLAN values reserved by upstream physical switches. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-65-000020 - The vCenter Server for Windows must not configure all port groups to VLAN values reserved by upstream physical switches. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| WN12-00-000004 - Users with administrative privilege must be documented. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
