| 18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.2 (L1) Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Access Credential Manager as a trusted caller | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Act as part of the operating system | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow indexing of encrypted files | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow log on through Remote Desktop Services | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Audit Account Lockout | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Audit Policy Change | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Credential Validation | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Logon | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Other Account Management Events | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security Group Management | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security System Extension | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Sensitive Privilege Use | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit System Integrity | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit User Account Management | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Backup files and directories | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Change the time zone | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Create global objects | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Default Protections for Popular Software - 7zGUI | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Default Protections for Popular Software - GoogleTalk | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Default Protections for Popular Software - LyncCommunicator | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Default Protections for Popular Software - PhotoGallery | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Default Protections for Popular Software - Photoshop | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Default Protections for Popular Software - RealPlayer | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Default Protections for Recommended Software - Access | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Default Protections for Recommended Software - jre7_java | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Default Protections for Recommended Software - PPTViewer | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Domain member: Require strong (Windows 2000 or later) session key | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Force shutdown from a remote system | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Interactive logon: Do not display last user name | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Load and unload device drivers | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Microsoft network client: Digitally sign communications (if server agrees) | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Send unencrypted password to third-party SMB servers - EnablePlainTextPassword | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Microsoft network server: Digitally sign communications (if client agrees) | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Minimum password age | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Network access: Remotely accessible registry paths and subpaths | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Network security: LDAP client signing requirements | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Prevent enabling lock screen slide show | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Recovery console: Allow automatic administrative logon | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Shutdown: Clear virtual memory pagefile | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| System DEP | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| User Account Control: Admin Approval Mode for the Built-in Administrator account | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Only elevate UIAccess applications that are installed in secure locations | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Run all administrators in Admin Approval Mode | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Windows Firewall: Prohibit notifications | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
