| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 (L1) Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.1 Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.11 Ensure SQL Server is configured to use non-standard ports | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.13 Ensure 'sa' Login Account is set to 'Disabled' | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | ACCESS CONTROL |
| 2.13 Ensure 'sa' Login Account is set to 'Disabled' | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | ACCESS CONTROL |
| 3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure CONNECT permissions on the 'guest' user is Revoked within all SQL Server databases | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 6.2 Ensure the server is physically secure | CIS Sybase 15.0 L2 DB v1.1.0 | SybaseDB | |
| 6.5.4 (L1) Host SSH daemon, if enabled, must not allow host-based authentication | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| Android Compliance Policy - Number of previous passwords to prevent reuse | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Android Device Configuration - Encryption | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | SYSTEM AND COMMUNICATIONS PROTECTION |
| Android Device Configuration - Encryption on storage cards | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL |
| Android Device Configuration - Required password type | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Android Work Profile Device Configuration - Require Work Profile Password | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| EX16-ED-000550 - Exchange must have antispam filtering configured. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-010600 - SQL Server must have allocated audit record storage capacity to meet the organization-defined requirements for saving audit record information. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - DATABASE_OBJECT_ACCESS_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - DATABASE_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - DATABASE_ROLE_MEMBER_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 15 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 16 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 18 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 90 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 106 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 115 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 153 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - Event ID 172 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - FAILED_LOGIN_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SERVER_OBJECT_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SERVER_OPERATION_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SERVER_PRINCIPAL_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SERVER_STATE_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-011200 - SQL Server must generate Trace or Audit records for organization-defined auditable events - SUCCESSFUL_LOGIN_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-016200 - SQL Server must have the publicly available Northwind sample database removed. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL6-D0-006800 - Database software, including DBMS configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | DISA STIG SQL Server 2016 Instance OS Audit v3r4 | Windows | CONFIGURATION MANAGEMENT |
