| 1.2.1.1 Ensure 'Protection From Zone Elevation' is set to Enabled - winproj.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.2 Ensure 'Mime Sniffing Safety Feature' is set to Enabled - mspub.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.2 Ensure 'Mime Sniffing Safety Feature' is set to Enabled - powerpnt.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.2 Ensure 'Mime Sniffing Safety Feature' is set to Enabled - spDesign.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.3 Ensure 'Information Bar' is set to Enabled - visio.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.4 Ensure 'Bind to Object' is set to Enabled - excel.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.4 Ensure 'Bind to Object' is set to Enabled - onent.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.4 Ensure 'Bind to Object' is set to Enabled - powerpnt.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.5 Ensure 'Restrict File Download' is set to Enabled - excel.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.5 Ensure 'Restrict File Download' is set to Enabled - groove.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.5 Ensure 'Restrict File Download' is set to Enabled - spDesign.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.6 Ensure 'Saved from URL' is set to Enabled - excel.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.6 Ensure 'Saved from URL' is set to Enabled - mse7.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.6 Ensure 'Saved from URL' is set to Enabled - outlook.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.6 Ensure 'Saved from URL' is set to Enabled - pptview.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.7 Ensure 'Disable User Name and Password' is set to Enabled - pptview.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.7 Ensure 'Disable User Name and Password' is set to Enabled - visio.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.7 Ensure 'Disable User Name and Password' is set to Enabled - winproj.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.8 Ensure 'Scripted Window Security Restrictions' is set to Enabled - outlook.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.8 Ensure 'Scripted Window Security Restrictions' is set to Enabled - pptview.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.9 Ensure 'Local Machine Zone Lockdown Security' is set to Enabled - onent.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.12 Ensure 'Add-on Management' is set to Enabled - msaccess.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.12 Ensure 'Add-on Management' is set to Enabled - pptview.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.12 Ensure 'Add-on Management' is set to Enabled - winproj.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.13 Ensure 'Navigate URL' is set to Enabled - groove.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.13 Ensure 'Navigate URL' is set to Enabled - mse7.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.13 Ensure 'Navigate URL' is set to Enabled - onent.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.13 Ensure 'Navigate URL' is set to Enabled - outlook.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.13 Ensure 'Navigate URL' is set to Enabled - powerpnt.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.13 Ensure 'Navigate URL' is set to Enabled - pptview.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.1.14 Ensure 'Restrict ActiveX Install' is set to Enabled - groove.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.1.14 Ensure 'Restrict ActiveX Install' is set to Enabled - powerpnt.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.3.1 Ensure 'Block Flash activation in Office documents' is set to 'Enabled: Block all activation' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4 Configure TCP Wrappers - Make sure that /etc/hosts.deny does exist. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Enable Stack Protection - Makes sure 'noexec_user_stack_log' is set to 1 in /etc/system. Note: Only applicable if NX bit is set. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Debug Level Daemon Logging - Check if permissions for /var/log/connlog are OK. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.1 (L1) Ensure 'Per-user MFA' is disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 7.3 Set Strong Password Creation Policies - Check MINLOWER is set to 1 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.3 Set Strong Password Creation Policies - Check NAMECHECK is set to YES | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/.login. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.8 Set 'mesg n' as Default for All Users in /etc/.login | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 7.8 Set 'mesg n' as Default for All Users in /etc/profile | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is not set to default string. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is set appropriately. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.2 Create Warning Banner for CDE Users - Check if file permissions for files under /etc/dt/config/*/Xresources are OK. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
