| 1.2.7 Set 'exec-timeout' to less than or equal to 10 minutes 'line console 0' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | ACCESS CONTROL |
| 1.2.8 Set 'exec-timeout' to less than or equal to 10 minutes 'line vty' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | ACCESS CONTROL |
| 1.8.5 Ensure GDM screen locks cannot be overridden | CIS Oracle Linux 8 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 1.8.5 Ensure GDM screen locks cannot be overridden | CIS Oracle Linux 8 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 2.2.1.2 Ensure 'Allow Siri while device is locked' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.1.15 Ensure 'Show Notification Center in Lock screen' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.4.5 Ensure 'Maximum grace period for device lock' is set to 'Immediately' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.4.5 Ensure 'Maximum grace period for device lock' is set to 'Immediately' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.2 Ensure 'Allow voice dialing while device is locked' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.3 Ensure 'Allow Siri while device is locked' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.4.4 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL |
| 4.1.7 Ensure login and logout events are collected - /var/log/tallylog | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/lastlog | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/lastlog | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/tallylog | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl faillog | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - lastlog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/log/lastlog | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/log/lastlog | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/ | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/ | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - /var/log/faillock | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl faillog | CIS Debian 9 Workstation L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl lastlog | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - /var/log/btmp | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - /var/log/wtmp | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS Red Hat 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl utmp | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/run/utmp | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/run/utmp | CIS Red Hat 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - utmp | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - wtmp | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - wtmp | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/log/btmp | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/log/wtmp | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure the Sudo Timeout Period Is Set to Zero | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | ACCESS CONTROL |
| 5.5 Ensure a Separate Timestamp Is Enabled for Each User/tty Combo | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.11 Ensure Logging Is Enabled for Sudo | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | ACCESS CONTROL |
| 18.5.9 (L1) Ensure 'MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires' is set to 'Enabled: 5 or fewer seconds' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | ACCESS CONTROL |
