| 1.1.4 Ensure nodev option set on /tmp partition | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.7 Ensure noexec option set on /dev/shm partition | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.8 Ensure nodev option set on /dev/shm partition | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.20 Ensure removable media partitions include noexec option | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.2.2 Ensure package manager repositories are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.3 Ensure gpgcheck is globally activated | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.3.1 Ensure AIDE is installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.4 Ensure prelink is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.6.1.1 Ensure SELinux is installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.6.1.3 Ensure SELinux policy is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.7.1 Ensure message of the day is configured properly | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.1.1 Ensure xinetd is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1.1 Ensure time synchronization is in use | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.5 Ensure DHCP Server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.7 Ensure DNS Server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure Samba is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.12 Ensure HTTP Proxy Server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.15 Ensure telnet-server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.19 Ensure rsync is not installed or the rsyncd service is masked | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.3.3 Ensure talk client is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.1.2 Ensure wireless interfaces are disabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.4 Ensure secure ICMP redirects are not accepted | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.3.6 Ensure broadcast ICMP requests are ignored | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.8 Ensure Reverse Path Filtering is enabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.5.1.1 Ensure firewalld is installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1.4 Ensure firewalld service enabled and running | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 18.10.14.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000016 - The unexposed feature keyword isolation.tools.getCreds.disable must be initialized to decrease the VMs potential attack vectors. | DISA VMware ESXi Version 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000025 - The unexposed feature keyword isolation.tools.unityInterlockOperation.disable must be initialized to decrease the VMs potential attack vectors. | DISA VMware ESXi Version 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000031 - The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be initialized to decrease the VMs potential attack vectors. | DISA VMware ESXi Version 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| O365-OU-000015 - The ability to demote attachments from Level 2 to Level 1 must be disabled. | DISA Microsoft Office 365 ProPlus STIG v3r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SRG-OS-000120-ESXI5 - The password hashes stored on the system must have been generated using a FIPS 140-2 approved cryptographic hashing algorithm. | DISA VMWare ESXi 5.0 Server STIG v2r1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VM : disable-unexposed-features-autologon | VMWare vSphere 5.X Hardening Guide | VMware | ACCESS CONTROL |
| VM : disable-unexposed-features-protocolhandler | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-toporequest | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-trashfolderstate | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity-interlock | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity-taskbar | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity-unityactive | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unitypush | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-versionget | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-versionset | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
