| 2.3.2 Ensure Limit Ad Tracking Is Enabled | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.8.1.1 Ensure the OS Is Not Active When Resuming from Standby (Intel) | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.9.1.1 Ensure the OS Is Not Active When Resuming from Standby (Intel) | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.11 Ensure EFI Version Is Valid and Checked Regularly - integrity-check | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.13 Ensure EFI version is valid and being regularly checked - itegrity-check | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.2.1.14 Ensure 'Allow trusting new enterprise app authors' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.1.1 Review Manage Sharing & Access | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.5 Activate AppArmor - '0 processes unconfined' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | ACCESS CONTROL |
| 4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - 0 processes are unconfirmed | CIS Debian Linux 7 L2 v1.0.0 | Unix | ACCESS CONTROL |
| 4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - 0 profiles are in complain mode | CIS Debian Linux 7 L2 v1.0.0 | Unix | ACCESS CONTROL |
| 4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - apparmor=1 | CIS Debian Linux 7 L2 v1.0.0 | Unix | ACCESS CONTROL |
| 4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - security=apparmor | CIS Debian Linux 7 L2 v1.0.0 | Unix | ACCESS CONTROL |
| 4.5 Activate AppArmor - profiles are loaded | CIS Debian Linux 7 L2 v1.0.0 | Unix | ACCESS CONTROL |
| 5.1.3 Ensure Apple Mobile File Integrity Is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 7.2.7 Ensure Advertising Privacy Protection in Safari Is Enabled | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-12-010900 - Apple iOS must implement the management setting: not allow use of Handoff. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-13-013300 - Apple iOS/iPadOS must disable allow setting up new nearby devices. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-14-011200 - Apple iOS/iPadOS must disable allow setting up new nearby devices. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-14-011200 - Apple iOS/iPadOS must disable allow setting up new nearby devices. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-14-011300 - Apple iOS/iPadOS must disable password proximity requests. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-15-012800 - Apple iOS/iPadOS 15 must disable allow setting up new nearby devices. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012800 - Apple iOS/iPadOS 15 must disable allow setting up new nearby devices. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-012800 - Apple iOS/iPadOS 16 must disable allow setting up new nearby devices. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-16-012900 - Apple iOS/iPadOS 16 must disable password proximity requests. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-17-012800 - Apple iOS/iPadOS 17 must disable allow setting up new nearby devices. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-17-012800 - Apple iOS/iPadOS 17 must disable allow setting up new nearby devices. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-13-005058 - The macOS system must be configured to prevent activity continuation between Apple devices. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-000001 The macOS system must prevent Apple Watch from terminating a session lock. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| Ensure mounting of hfs filesystems is disabled - lsmod | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure mounting of hfs filesystems is disabled - modprobe | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Fortigate - Disable SSHv1 admin access | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Monterey - Protected Storage for Cryptographic Keys | NIST macOS Monterey v1.0.0 - All Profiles | Unix | |
| PHTN-40-000105 The Photon operating system must enable symlink access control protection in the kernel. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000225 The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000231 The Photon operating system must not perform IPv4 packet forwarding. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000246 The Photon operating system must restrict core dumps. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| vNetwork : reject-forged-transmit - 'vSwitch' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : reject-forged-transmit-dvportgroup | VMWare vSphere 5.X Hardening Guide | VMware | |
