| 1.1.6 Ensure separate partition exists for /var | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.6 Ensure separate partition exists for /var | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.3.9 (L1) Ensure 'Default geolocation setting' is set to 'Enabled: Don't allow any site to track users' physical location' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.7.1.2 Ensure local login warning banner is configured properly - mrsv | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.99 (L1) Ensure 'Enable security warnings for command-line flags' is set to 'Enabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.4.5 Ensure 'SMTP automated banner response' is set to '220 SMTP Server Ready' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.10 Enable Secure Keyboard Entry in terminal.app | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.22 Use Docker's secret management commands for managing secrets in a Swarm cluster | CIS Docker 1.13.0 v1.0.0 L2 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.1 Set a nondeterministic Shutdown command value. | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 3.1 Verify that docker.service file ownership is set to root:root | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.1 Verify that docker.service file ownership is set to root:root | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Verify that docker.service file permissions are set to 644 or more restrictive | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.7 Set 'Enable non-delivery reports to remote domains' to 'False' | CIS Microsoft Exchange Server 2013 Hub v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.7 Set 'Enable non-delivery reports to remote domains' to 'False' | CIS Microsoft Exchange Server 2016 Hub v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.9 Verify that TLS CA certificate file ownership is set to root:root | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.9 Verify that TLS CA certificate file ownership is set to root:root | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.11 Verify that Docker server certificate file ownership is set to root:root | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.12 Verify that Docker server certificate file permissions are set to 444 or more restrictive | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.12 Verify that Docker server certificate file permissions are set to 444 or more restrictive | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.13 Verify that Docker server certificate key file ownership is set to root:root | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.14 Configuration: /etc/motd | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.16 Verify that Docker socket file permissions are set to 660 or more restrictive | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.17 Verify that daemon.json file ownership is set to root:root | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.18 Verify that daemon.json file permissions are set to 644 or more restrictive | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.18 Verify that daemon.json file permissions are set to 644 or more restrictive | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.20 Verify that /etc/default/docker file permissions are set to 644 or more restrictive | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.6 Add HEALTHCHECK instruction to the container image | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.1 Use secure Realms | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 5.7 Choosing Wildfire public cloud region | CIS Palo Alto Firewall 11 v1.1.0 L2 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 5.7 Do not map privileged ports within containers | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.26 Check container health at runtime | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Turn on filename extensions | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.2.2 Ensure that port groups are not configured to VLAN 4095 except for Virtual Guest Tagging (VGT) | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.2.2 Ensure the rsyslog Service is activated - run level 2 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.2.2 Ensure the rsyslog Service is activated - run level 3 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.1 Enable cron Daemon - anacron run level 2 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.1 Enable cron Daemon - cron run level 2 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.1 Enable cron Daemon - cron run level 4 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 10.1 Ensure Web content directory is on a separate partition from the Tomcat system files (verify Web content directory) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 10.20 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - context.xml | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 18.1.1.2 Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.7.5 Ensure 'Configure RPC listener settings: Protocols to allow for incoming RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.10.8.1.1 Ensure 'Configure enhanced anti-spoofing' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| Configure Edge TyposquattingChecker | MSCT Edge v98 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enable browser legacy extension point blocking | MSCT Edge v98 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enhance images enabled | MSCT Edge v98 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Routing Protocol Security - BGP communication should source from a loopback interface | Juniper Hardening JunOS 12 Devices Checklist | Juniper | CONFIGURATION MANAGEMENT |
| Show the Reload in Internet Explorer mode button in the toolbar | MSCT Edge v124 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Show the Reload in Internet Explorer mode button in the toolbar | MSCT Edge v98 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
