| 1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe | CIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - modprobe | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.4 Ensure mounting of hfs filesystems is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.7 Ensure mounting of udf filesystems is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L1 LXD v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.3 Ensure nodev option set on /tmp partition | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.21 Ensure sticky bit is set on all world-writable directories | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4 Ensure systemd Service Files Are Enabled | CIS PostgreSQL 11 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1 Ensure permissions on bootloader config are configured | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.2 Ensure bootloader password is set - 'passwd_pbkdf2' | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.4 Ensure core dumps are restricted - storage | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.4 Ensure core dumps are restricted - sysctl config | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.8.1.4 Ensure permissions on /etc/motd are configured | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.26.1 (L1) Ensure 'Disable Bing chat entry-points on Microsoft Edge Enterprise new tab page' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.135 (L2) Ensure 'Enable QR Code Generator' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Set noexec option for /tmp Partition | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.2 Ensure 'IMAP4' Windows services are 'Disabled' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.9 Create Separate Partition for /home | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.10 Add nodev Option to /home | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.12 Add noexec Option to Removable Media Partitions | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.14 Add nodev Option to /run/shm Partition | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.14 Ensure 'sa' Login Account has been renamed | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 2.14 Ensure 'sa' Login Account has been renamed | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 2.16 Add noexec Option to /run/shm Partition | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.17 Ensure no login exists with the name 'sa' | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 3.1 Ensure a fully-synchronized High Availability peer is configured | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 3.1.2 Ensure IP forwarding is disabled - sysctl ipv4 | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.16 Ensure 'debug_print_plan' is disabled | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure packet redirect sending is disabled - net.ipv4.conf.all.send_redirects (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure packet redirect sending is disabled - sysctl net.ipv4.conf.default.send_redirects | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.default.accept_redirects (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - net.ipv6.conf.default.accept_redirects (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv4.conf.default.accept_redirects | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirects | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure secure ICMP redirects are not accepted - 'sysctl net.ipv4.conf.all.secure_redirects' | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.7 Ensure Reverse Path Filtering is enabled - 'sysctl net.ipv4.conf.default.rp_filter' | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.9 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.all.accept_ra' (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.9 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.default.accept_ra' | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1 Ensure source routed packets are not accepted - net.ipv4.conf.default.accept_source_route (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.all.accept_source_route | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.all.accept_source_route | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.6 Ensure bogus ICMP responses are ignored - (sysctl exec) | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/apparmor/ | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure events that modify the system's Mandatory Access Controls are collected - /etc/selinux/ | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.7 Ensure root PATH Integrity | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.11 Ensure no users have .forward files | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.2 Ensure 'MASTER_SSL_VERIFY_SERVER_CERT' is enabled | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | CONFIGURATION MANAGEMENT |
