| 2.2.4 Ensure CUPS is not enabled | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure IP forwarding is disabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.3.2 Include TSIG key in named.conf 'TSIG key 2' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.7 Ensure bogus ICMP responses are ignored | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.2.9 Ensure nftables default deny firewall policy | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3.2.1 Ensure iptables loopback traffic is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3.2.2 Ensure iptables outbound and established connections are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3.2.5 Ensure iptables rules are saved | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3.3.2 Ensure ip6tables outbound and established connections are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.1.2 Ensure rsyslog Service is enabled and running | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.4 Ensure logging is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.11.8.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.1.6 Ensure permissions on /etc/cron.monthly are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.8 Ensure cron is restricted to authorized users | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.1 Ensure sudo is installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.7 Ensure SSH LogLevel is appropriate | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.9 Ensure SSH MaxAuthTries is set to 4 or less | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.11 Ensure SSH HostbasedAuthentication is disabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.20 Ensure SSH LoginGraceTime is set to one minute or less | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.22 Ensure SSH PAM is enabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.25 Ensure SSH MaxSessions is limited | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.4.1 Ensure password creation requirements are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.5 Ensure default user umask is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.7 Ensure access to the su command is restricted | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.4 Ensure permissions on /etc/shadow are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.10 Ensure no world writable files exist | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.11 Ensure no unowned files or directories exist | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.2 Ensure /etc/shadow password fields are not empty | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.7 Ensure no duplicate UIDs exist | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.10 Ensure root PATH Integrity | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.17 Ensure no users have .rhosts files | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.4.16 Disable Trash Folder State | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.18 Ensure Unity is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.20 Disable GetCreds | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.22 Disable Guest Host Interaction Launch Menu | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.23 Disable memSchedFakeSampleStats | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| CIS_Amazon_Linux_2_v3.0.0_L1.audit from CIS Amazon Linux 2 Benchmark v3.0.0 | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| CIS_Amazon_Linux_2_v3.0.0_L2.audit from CIS Amazon Linux 2 Benchmark v3.0.0 | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| DTOO241 - Outlook - Action to demote an EMail Level 1 attachment to Level 2 must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI5-VM-000019 - The unexposed feature keyword isolation.tools.ghi.protocolhandler.info.disable must be initialized to decrease the VMs potential attack vectors. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000026 - The unexposed feature keyword isolation.tools.unity.push.update.disable must be initialized to decrease the VMs potential attack vectors. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000031 - The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be initialized to decrease the VMs potential attack vectors. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| GEN005505 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
