| 2.5.9.2.1 Ensure 'PST Null Data on Delete' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | MEDIA PROTECTION |
| 3.1.3 - AirWatch - Set the 'minimum password length' | AirWatch - CIS Apple iOS 9 v1.0.0 L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.1.6 Ensure RDS is disabled | CIS Debian 10 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Oracle Linux 7 v4.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Amazon Linux 2 v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS Debian Linux 11 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS AlmaLinux OS 8 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.4.3 Ensure RDS is disabled - lsmod | CIS Debian 8 Workstation L1 v2.0.2 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4.3 Ensure RDS is disabled - lsmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.3 Ensure RDS is disabled - lsmod | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.3 Ensure RDS is disabled - modprobe | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.3 Ensure RDS is disabled | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3 Ensure RDS is disabled | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3 Ensure RDS is disabled | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3 Ensure RDS is disabled | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3 Ensure RDS is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.3 Ensure RDS is disabled - modprobe | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.3 Ensure RDS is disabled - modprobe | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.3 Ensure RDS is disabled (lsmod) | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3 Ensure RDS is disabled (modprobe) | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.6.3 Disable RDS | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.2 Ensure External File System Access is disabled - enable cis | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
| 6.5 Ensure SSL Protocol is set to TLS for Secure Connectors - verify sslProtocol is set to TLS | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 30 - Ensure sslProtocol is set to TLS for Secure Connector | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Android Work Profile Device Configuration - Copy and paste between work and personal profiles | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-12-000059 - The macOS system must implement approved Key Exchange Algorithms within the SSH client configuration. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| CISC-RT-000400 - The Cisco out-of-band management (OOBM) gateway router must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit, MPLS/VPN service, or IPsec tunnel. | DISA Cisco IOS XR Router RTR STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Configure an IPsec Tunnel | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| EX13-CA-000080 - Exchange must have audit data protected against unauthorized deletion. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000300 - Exchange email-forwarding SMTP domains must be restricted. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000540 - The Exchange Global Recipient Count Limit must be set. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-MB-000122 - Exchange mail quota settings must not restrict receiving mail. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000142 - The Exchange Global Recipient Count Limit must be set. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| GEN007080 - The Datagram Congestion Control Protocol (DCCP) must be disabled unless required - 'install dccp /bin/true' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| HTTP vs. HTTPS - ssl | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-005400 - Microsoft Android 11 must allow the Administrator (EMM) to perform the following management function: Wipe Enterprise data. | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
