| 1.1.18.9 (L2) Ensure 'network.IDN_show_punycode' is set to 'Enabled' | CIS Mozilla Firefox ESR GPO v1.0.0 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | MEDIA PROTECTION |
| 1.1.22 Disable Automounting | CIS CentOS 6 Server L1 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.4 (L2) Ensure Safe Attachments policy is enabled | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.29 (L2) Configure 'Log on as a service' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | ACCESS CONTROL |
| 2.5.14.3.8 (L1) Ensure 'Allow users to demote attachments to Level 2' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.26 (L1) Ensure 'Remove file extensions blocked as Level 2' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.6 (L2) Ensure Strict Lockdown mode is enabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | ACCESS CONTROL |
| 7.1 (L2) Virtual machines must enable Secure Boot | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 7.2.4 (L2) Ensure OneDrive content sharing is restricted | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.4 (L2) Ensure OneDrive content sharing is restricted | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 8.4.7 (L2) Ensure Unity Window Contents is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.8 (L2) Ensure Unity Push Update is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.12 (L2) Ensure Request Disk Topology is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.13 (L2) Ensure Trash Folder State is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.5.8 (L2) Ensure external meeting chat is off | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 18.5.8.1 Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.52.1 Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 19.7.40.1 (L1) Ensure 'Turn off Windows Copilot' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 19.7.40.1 (L1) Ensure 'Turn off Windows Copilot' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 80.5 (L2) Ensure 'Disable One Drive File Sync' is set to 'Sync Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 80.5 (L2) Ensure 'Disable One Drive File Sync' is set to 'Sync Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| CIS_Amazon_Linux_2_STIG_v2.0.0_L1_Workstation.audit from CIS Amazon Linux 2 STIG Benchmark v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | |
| DTOO241 - Action to demote an EMail Level 1 attachment to Level 2 must be configured. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi: esxi-8.ssh-fips | VMware vSphere Security Configuration and Hardening Guide 8.0 - Bare Metal Host | Unix | ACCESS CONTROL |
| GEN000140-2 - A file integrity baseline including cryptographic hashes must be created - 'database location' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN005512 - The SSH client must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs that employ FIPS 140-2 cryptographic hash algorithms. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| OL08-00-010163 - The krb5-server package must not be installed on OL 8. | DISA Oracle Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000010 - Splunk Enterprise must be installed with FIPS mode enabled, to implement NIST FIPS 140-2 approved ciphers for all cryptographic functions. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | SYSTEM AND COMMUNICATIONS PROTECTION |
| SRG-OS-000120-ESXI5 - The password hashes stored on the system must have been generated using a FIPS 140-2 approved cryptographic hashing algorithm. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| SRG-OS-000250-ESXI5 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs with FIPS 140-2 approved crypto | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | ACCESS CONTROL |
| VM : disable-unexposed-features-launchmenu | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-protocolhandler | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-trashfolderstate | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-trayicon | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity-unityactive | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unitypush | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-versionget | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL |
| WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
