| 1.1.19 - AirWatch - Erase all data before return, recycle, reassignment, or other disposition | AirWatch - CIS Apple iOS 9 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.1.21 - MobileIron - Erase all data before return, recycle, reassignment, or other disposition | MobileIron - CIS Apple iOS 8 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.2.3 Limit SSH Login Attempts to 3 or less | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.8.1 Enable FIPS Mode | CIS Cisco NX-OS v1.2.0 L2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.5 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.10.5 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used | CIS PostgreSQL 13 OS v1.2.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used | CIS PostgreSQL 16 OS v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.15 Set 'Automatically dial during a background Send/Receive' to 'Enabled:False' | CIS MS Office Outlook 2010 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.17 Set 'Warn before switching dial- up connection' to 'Enabled:True' | CIS MS Office Outlook 2010 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.14.2 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.6.14.2 Ensure 'Hardened UNC Paths' is set to 'Enabled, with 'Require Mutual Authentication' and 'Require Integrity' set for all NETLOGON and SYSVOL shares' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.25.7 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 60 or fewer' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.51.1.2 Ensure 'Enable Windows NTP Client' is set to 'Enabled: DoD time server' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.2 Ensure 'Active Directory AdminSDHolder object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.6 Ensure 'Active Directory Group Policy objects are configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.7 Ensure 'Active Directory Group Policy objects have proper access control permissions' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.7 Ensure 'Active Directory Group Policy objects have proper access control permissions' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.14 Ensure 'Automated mechanisms must be employed to determine the state of system components' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.24 Ensure 'Domain Controllers run on a machine dedicated to that function' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.37 Ensure 'Non-administrative accounts or groups only have print permissions on printer shares' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.65 Ensure 'The system must have the Roles and Features required for it documented' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| ARST-RT-000620 - The Arista perimeter router must be configured to block inbound packets with source Bogon IP address prefixes. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000670 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | ACCESS CONTROL |
| CIS_Microsoft_Windows_Server_2016_STIG_v3.0.0_NG_DC.audit from CIS Microsoft Windows Server 2016 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2016 STIG v3.0.0 NG DC | Windows | |
| CIS_Microsoft_Windows_Server_2016_STIG_v3.0.0_STIG_DC.audit from CIS Microsoft Windows Server 2016 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | |
| CIS_Microsoft_Windows_Server_2019_STIG_v3.0.0_L1_Domain_Controller.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | |
| CIS_Microsoft_Windows_Server_2019_STIG_v3.0.0_L1_Member_Server.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | |
| CIS_Microsoft_Windows_Server_2019_STIG_v3.0.0_L2_Domain_Controller.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 DC | Windows | |
| CIS_Microsoft_Windows_Server_2019_STIG_v3.0.0_L2_Member_Server.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 MS | Windows | |
| CIS_Microsoft_Windows_Server_2019_STIG_v3.0.0_STIG_Member_Server.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | |
| CIS_Microsoft_Windows_Server_2022_STIG_v2.0.0_L1_Member_Server.audit from CIS Microsoft Windows Server 2022 STIG Benchmark v2.0.0 | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | |
| CIS_Microsoft_Windows_Server_2022_STIG_v2.0.0_L2_Domain_Controller.audit from CIS Microsoft Windows Server 2022 STIG Benchmark v2.0.0 | CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Domain Controller | Windows | |
| CIS_Microsoft_Windows_Server_2022_STIG_v2.0.0_STIG_Domain_Controller.audit from CIS Microsoft Windows Server 2022 STIG Benchmark v2.0.0 | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | |
| CIS_Microsoft_Windows_Server_2022_STIG_v2.0.0_STIG_Member_Server.audit from CIS Microsoft Windows Server 2022 STIG Benchmark v2.0.0 | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L1_Server.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L1_Workstation.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L2_Server.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L2_Workstation.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_STIG.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | |
| ESXI-70-000049 - The ESXi host must protect the confidentiality and integrity of transmitted information by protecting ESXi management traffic. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000210 - The Exchange Block List service provider must be identified. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| JUEX-RT-000740 - The Juniper perimeter router must be configured to block inbound packets with source Bogon IP address prefixes. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| TCAT-AS-001670 - RECYCLE_FACADES must be set to true. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WN12-GE-000004-MS - Only administrators responsible for the member server must have Administrator rights on the system. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-SO-000039 - The system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000039 - The system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-CC-000030 - WDigest Authentication must be disabled on Windows Server 2016. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
| WN19-CC-000020 - Windows Server 2019 must have WDigest Authentication disabled. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
