| 1.6 Ensure Warn users before password expiration is set to 7 days | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | ACCESS CONTROL |
| 1.10 Ensure Force users to change password at first login after password was changed from Users page is selected | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | IDENTIFICATION AND AUTHENTICATION |
| 2.1.2 Ensure 'Message Of The Day (MOTD)' is set - motd banner msgvalue | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | ACCESS CONTROL |
| 2.1.2 Ensure 'Message Of The Day (MOTD)' is set - motd banner on | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | ACCESS CONTROL |
| 2.1.6 Ensure DNS server is configured - secondary | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.9 Ensure Telnet is disabled | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
| 3.1 Enable the Firewall Stealth Rule | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure 'Install iOS Updates' of 'Automatic Updates' is set to 'Enabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.2.11 Minimize the admission of Windows HostProcess Containers | CIS Kubernetes v1.10.0 L1 Master | Unix | CONFIGURATION MANAGEMENT |
| 5.5 Do not mount sensitive host system directories on containers | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.5 Do not mount sensitive host system directories on containers | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 18.8.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | MEDIA PROTECTION |
| 18.8.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | MEDIA PROTECTION |
| 18.8.7.1.3 Ensure 'Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | MEDIA PROTECTION |
| 20.59 Ensure 'Software certificate installation files must be removed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.59 Ensure 'Software certificate installation files must be removed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.59 Ensure 'Software certificate installation files must be removed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.59 Ensure 'Software certificate installation files must be removed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| AIOS-13-013700 - The Apple iOS/iPadOS must be Supervised by the MDM. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-16-013200 - The Apple iOS/iPadOS 16 must be supervised by the MDM. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-18-013200 - The Apple iOS/iPadOS 18 must be supervised by the MDM. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| Allow user control over installs | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server v2004 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 11 v24H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs - EnableUserControl | MSCT Windows Server 2025 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs - EnableUserControl | MSCT Windows Server 2025 MS v1.0.0 | Windows | ACCESS CONTROL |
| ALMA-09-009590 - AlmaLinux OS 9 must check the GPG signature of software packages originating from external software repositories before installation. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| DG0088-ORACLE11 - The DBMS should be periodically tested for vulnerability management and IA compliance. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| ESXI5-VM-000050 - The system must use templates to deploy VMs whenever possible. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| GEN005160 - Any X Windows host must write .Xauthority files. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-214015 - RHEL 9 must check the GPG signature of software packages originating from external software repositories before installation. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| vCenter : remove-failed-install-logs | VMWare vSphere 5.X Hardening Guide | VMware | |
| VMCH-06-000043 - The system must use templates to deploy VMs whenever possible. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000042 - System administrators must use templates to deploy virtual machines whenever possible. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000020 - System administrators must use templates to deploy virtual machines whenever possible. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
