| 1.2.4.2.1.18 Set 'Allow access to BitLocker-protected fixed data drives from earlier versions of Windows' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.62 WN22-AU-000060 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.62 WN22-AU-000060 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.81 WN16-AU-000310 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.81 WN16-AU-000310 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.81 WN19-AU-000260 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.81 WN19-AU-000260 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.81 WN22-AU-000260 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.81 WN22-AU-000260 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.82 WN16-AU-000320 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.82 WN16-AU-000320 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.82 WN19-AU-000270 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.82 WN19-AU-000270 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.82 WN22-AU-000270 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.82 WN22-AU-000270 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.212 WN19-SO-000050 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.212 WN19-SO-000050 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.2.1 (L1) Ensure 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | AUDIT AND ACCOUNTABILITY |
| 2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | |
| 3.124 - Audit of Backup and Restore Privileges is not turned off. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1 Ensure TLS or SSL protects all network communications | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.13 Ensure SSH AllowTcpForwarding is disabled | CIS Amazon Linux 2023 v1.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.1 Ensure that system activity is audited | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure that new entries are appended to the end of the log file | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that the HTTP status interface is disabled | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.3 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.4 Ensure that server-side scripting is disabled if not needed | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.5 Ensure that the HTTP interface is disabled | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.6 Ensure that JSONP access via an HTTP interface is disabled | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.7 Ensure that the REST API is disabled | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.2 Ensure that database file permissions are set correctly | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 17.2.1 Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000560 - Windows 10 must be configured to audit other Logon/Logoff Events Successes. | DISA Microsoft Windows 10 STIG v3r6 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000565 - Windows 10 must be configured to audit other Logon/Logoff Events Failures. | DISA Microsoft Windows 10 STIG v3r6 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000560 - Windows 11 must be configured to audit other Logon/Logoff Events Successes. | DISA Microsoft Windows 11 STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000565 - Windows 11 must be configured to audit other Logon/Logoff Events Failures. | DISA Microsoft Windows 11 STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000270 - Windows Server 2025 must be configured to audit Policy Change - Audit Policy Change failures. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
