| 1.1 Ensure the Pre-Installation Planning Checklist Has Been Implemented | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.5.4 Ensure prelink is not installed | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.5.4 Ensure prelink is not installed | CIS Debian Linux 11 v2.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.5.4 Ensure prelink is not installed | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.5.4 Ensure prelink is not installed | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.4 Ensure 'Software Update' returns 'Your software is up to date.' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.7 Disable Displaying JavaScript in History URLs | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.2 Do Not Accept Third Party Cookies | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.2 Disabling Auto-Install of Add-ons | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.1 Enable Virus Scanning for Downloads | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | ACCESS CONTROL |
| 8.3 Block Reported Web Forgeries | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 8.4 Block Reported Attack Sites | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.8.2 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | MEDIA PROTECTION |
| 18.10.7.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | MEDIA PROTECTION |
| 18.10.7.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | MEDIA PROTECTION |
| 18.10.7.3 Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | MEDIA PROTECTION |
| 18.10.7.3 Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | MEDIA PROTECTION |
| 18.10.8.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | MEDIA PROTECTION |
| 18.10.8.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | MEDIA PROTECTION |
| 18.10.8.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | MEDIA PROTECTION |
| 18.10.8.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | MEDIA PROTECTION |
| 18.10.8.3 (L1) Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | MEDIA PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft OneNote 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Word 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Excel 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Project 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Word - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - The Internet Explorer Bind to Object functionality must be enabled in PowerPoint. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - Word - Enabling IE Bind to Object functionality must be present. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - PowerPoint - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - Word - Saved from URL mark to assure Internet zone processing must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Access - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft OneNote 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Outlook - Navigation to URL's embedded in Office products must be blocked. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft OneNote 2016 v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO501 - Disabling of user name and password syntax from being used in URLs must be enforced in PowerPoint Viewer. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO504 - Navigation to URLs embedded in Office products must be blocked in PowerPoint Viewer. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO507 - Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint Viewer. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005180 - All .Xauthority files must have mode 0600 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| VCEM-70-000008 - ESX Agent Manager application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
