| 1.2.1 Ensure GPG keys are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS Rocky Linux 8 Server L1 v2.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS AlmaLinux OS 8 Workstation L1 v3.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1.1 Ensure GPG keys are configured | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure filesystem integrity is regularly checked | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 2.0 Install & Config - 'Disable RSH' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SNMPv1' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable TFTP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Enable FilerView HTTPS' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Enable Secure Admin Access - 'autologout.telnet.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'ssh.idle.timeout <= 60' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'ssh.port = 22' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.2 Disable/Modify Default Accts - 'security.passwd.rootaccess.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.2 Enable Auto-Notification of Outdated Plugins | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.4 Password Security - 'maximum password age <= 90' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.firstlogin.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.rules.maximum >= 14' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.5 Set Update Wait Time Prompt | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.7 Network & IP Options - 'ip.fastpath.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.7 Network & IP Options - 'ip.icmp_ignore_redirect.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.7 Set Search Provider Update Behavior | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.8 Protocol Access Controls - 'httpd.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.snapmirror has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'snmp.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.7 Disable Cloud Sync | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.9 Ensure App Tier Elastic Load Balancer has application layer Health Check Configured | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.1 Set SSL Override Behavior | CIS Mozilla Firefox 38 ESR Linux L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Set Security TLS Version Minimum | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Block Mixed Active Content | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.11.52.2.1 (L2) Ensure 'Prevent Codec Download (User)' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Disallow JavaScript's Ability to Change the Status Bar Text | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.2 Disable Scripting of Plugins by JavaScript | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.3 Disallow JavaScript's Ability to Hide the Address Bar | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.4 Disallow JavaScript's Ability to Hide the Status Bar | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.6 Block Pop-up Windows | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.4 Set Delay for Enabling Security Sensitive Dialog Boxes | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 6.5 Disable Geolocation Serivces | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.6 Disable Popups Initiated by Plugins | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.3 Block Reported Web Forgeries | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTOO111 - The Internet Explorer Bind to Object functionality must be enabled. | DISA STIG Microsoft Visio 2013 v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft OneNote 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft OneDrive v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft Excel 2016 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft Project 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft Word 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft Project 2013 v1r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO505 - Scripted Window Security must be enforced in PowerPoint Viewer. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005190 - The .Xauthority files must not have extended ACLs. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| SPLK-CL-000120 - The System Administrator (SA) and Information System Security Manager (ISSM) must configure the retention of the log records based on the defined security plan. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG OS | Unix | AUDIT AND ACCOUNTABILITY |
