| 1.1.6 Ensure separate partition exists for /var | CIS Amazon Linux v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 1.5 Configure DB2 to use non-standard ports - Port 50000 | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | CONFIGURATION MANAGEMENT |
| 1.13 WN16-00-000150 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT I | Windows | CONFIGURATION MANAGEMENT |
| 1.29 WN19-00-000290 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.43 WN16-00-000440 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.43 WN19-00-000430 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.45 WN19-00-000450 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.66 (L1) Ensure 'Clear browsing data when Microsoft Edge closes' is set to 'Disabled' | CIS Microsoft Edge v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.82 (L2) Ensure 'Default sensors setting' is set to 'Enabled: Do not allow any site to access sensors' | CIS Microsoft Edge v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 1.111 WN19-CC-000180 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.113 (L2) Ensure 'Enforce Bing SafeSearch' is set to 'Enabled: Configure moderate search restrictions in Bing' | CIS Microsoft Edge v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 1.123 WN16-CC-000350 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.124 WN16-CC-000360 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.131 WN16-CC-000421 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.253 WN19-UC-000010 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure time set is within appropriate limits | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure time set is within appropriate limits | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.10.13 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.4.1.1 Ensure cron daemon is enabled and active | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.1 Set a nondeterministic Shutdown command value. | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Verify that docker.service file permissions are set to 644 or more restrictive | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.3.2 clean_partial_conns | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.4 Verify that docker.socket file permissions are set to 644 or more restrictive | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.10 Verify that TLS CA certificate file permissions are set to 444 or more restrictive | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.11 Verify that Docker server certificate file ownership is set to root:root | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.12 Verify that Docker server certificate file permissions are set to 444 or more restrictive | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.1.1.1 Ensure cron daemon is enabled and active | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 4.1.13 Ensure a Secure Connect Procedure is Used (CONNECT_PROC) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2 Enable 'Show Wi-Fi status in menu bar' - Show Wi-Fi status in menu bar | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.10 Verify iPhone Mirroring Settings | AirWatch - CIS Apple iOS 18 Benchmark v1.1.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 5.4.3.1 Ensure nologin is not listed in /etc/shells | CIS Debian Linux 12 v1.1.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 5.4.3.1 Ensure nologin is not listed in /etc/shells | CIS Ubuntu Linux 20.04 LTS v3.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Turn on filename extensions | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.5.2 (L1) Ensure MailTips are enabled for end users | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 7.2.2 (L1) Ensure SharePoint and OneDrive integration with Azure AD B2B is enabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 8.2.11 Keep Master Key Labels Unique | CIS IBM DB2 11 v1.1.0 Database Level 2 | IBM_DB2DB | CONFIGURATION MANAGEMENT |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.1 Ensure Web content directory is on a separate partition from the Tomcat system files (verify Web content directory) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.20 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xml | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.2 (L1) Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.9.1.1 (L1) Ensure 'Configure enhanced anti-spoofing' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| Enhanced secure mode | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | CONFIGURATION MANAGEMENT |
| Management VLAN | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | CONFIGURATION MANAGEMENT |
