| 1.4 Enable system data files and security update installs - 'ConfigDataInstall' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.1 Disable Bluetooth, if no paired devices exist | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | |
| 2.2.3 Restrict NTP server to loopback interface | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.4 Set a screen corner to Start Screen Saver | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 2.4.2 Disable Internet Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.4 Disable Printer Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.7 Disable Bluetooth Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | |
| 2.4.8 Disable File Sharing - AppleFileServer | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6.1 Enable FileVault - Encryption Status | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.5 Review Application Firewall Rules | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 2.10 Enable Secure Keyboard Entry in terminal.app | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Enable security auditing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit all failed events across all audit classes' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.5 Retain install.log for 365 or more days | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable 'Show Wi-Fi status in menu bar' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.5 Ensure ftp server is not running | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.6 Ensure nfs server is not running | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.1 Configure account lockout threshold | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.2.4 Complex passwords must contain a Numeric Character - '1 number' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Complex passwords must contain a Special Character | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.6 Complex passwords must contain uppercase and lowercase letters | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | |
| 5.2.8 Password History | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.7 Do not enable the 'root' account | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.10 Require an administrator password to access system-wide preferences | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.2 Disable 'Show password hints' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.1.4 Disable 'Allow guests to connect to shared folders' - SMB Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.2 Turn on filename extensions | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Apple_macOS_10.15_Catalina_v3.0.0_L1.audit from CIS Apple macOS 10.15 Catalina Benchmark v3.0.0 | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | |
| CIS_Apple_macOS_10.15_Catalina_v3.0.0_L2.audit from CIS Apple macOS 10.15 Catalina Benchmark v3.0.0 | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | |
| CIS_Apple_macOS_11.0_Big_Sur_v4.0.0_L1.audit from CIS Apple macOS 12.0 Big Sur Benchmark v4.0.0 | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | |
| CIS_Apple_macOS_11.0_Big_Sur_v4.0.0_L2.audit from CIS Apple macOS 11.0 Big Sur Benchmark v4.0.0 | CIS Apple macOS 11.0 Big Sur v4.0.0 L2 | Unix | |
| CIS_Apple_macOS_12.0_Monterey_v4.0.0_L1.audit from CIS Apple macOS 12.0 Monterey Benchmark v4.0.0 | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | |
| CIS_Apple_macOS_12.0_Monterey_v4.0.0_L2.audit from CIS Apple macOS 12.0 Monterey Benchmark v4.0.0 | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | |
| CIS_Apple_macOS_13.0_Ventura_v3.1.0_L1.audit from CIS Apple macOS 13.0 Ventura Benchmark v3.1.0 | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | |
| CIS_Apple_macOS_13.0_Ventura_v3.1.0_L2.audit from CIS Apple macOS 13.0 Ventura Benchmark v3.1.0 | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | |
| CIS_Apple_macOS_14.0_Sonoma_v2.1.0_L1.audit from CIS Apple macOS 14.0 Sonoma Benchmark v2.1.0 | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | |
| CIS_Apple_macOS_14.0_Sonoma_v2.1.0_L2.audit from CIS Apple macOS 14.0 Sonoma Benchmark v2.1.0 | CIS Apple macOS 14.0 Sonoma v2.1.0 L2 | Unix | |
| CIS_Apple_macOS_15.0_Sequoia_v1.1.0_L1.audit from CIS Apple macOS 15.0 Sequoia Benchmark v1.1.0 | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | |
| CIS_Apple_macOS_15.0_Sequoia_v1.1.0_L2.audit from CIS Apple macOS 15.0 Sequoia Benchmark v1.1.0 | CIS Apple macOS 15.0 Sequoia v1.1.0 L2 | Unix | |
| DKER-EE-001800 - The insecure registry capability in the Docker Engine - Enterprise component of Docker Enterprise must be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001840 - Experimental features in the Docker Engine - Enterprise component of Docker Enterprise must be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001870 - The Docker Enterprise self-signed certificates in Universal Control Plane (UCP) must be replaced with DoD trusted, signed certificates. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001880 - The Docker Enterprise self-signed certificates in Docker Trusted Registry (DTR) must be replaced with DoD trusted, signed certificates. | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001900 - The Create repository on push option in Docker Trusted Registry (DTR) must be disabled in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001920 - Periodic data usage and analytics reporting in Docker Trusted Registry (DTR) must be disabled in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-80-000223 - The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000223 - The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
