| 1.2 Ensure that the SharePoint Central Administration Site is TLS-enabled - Port 443 | CIS Microsoft SharePoint 2016 OS v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.1.1 Set 'ntp authenticate' | CIS Cisco IOS XE 17.x v2.2.0 L1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.11.8.7.2.5 (L1) Ensure 'Dynamic Data Exchange' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.1 - MobileIron - Enable 'Require password' | MobileIron - CIS Apple iOS 9 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 3.2 Ensure intrusion prevention is enabled for untrusted interfaces | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure dccp kernel module is not available | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure dccp kernel module is not available | CIS Debian Linux 11 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure dccp kernel module is not available | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure dccp kernel module is not available | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure dccp kernel module is not available | CIS Oracle Linux 7 v4.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure dccp kernel module is not available | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure dccp kernel module is not available | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure dccp kernel module is not available | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure dccp kernel module is not available | CIS Red Hat EL8 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.4.1 Ensure DCCP is disabled - blacklist dccp | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.4.1 Ensure DCCP is disabled - lsmod | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.1 Ensure DCCP is disabled | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.1 Ensure DCCP is disabled | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.1 Ensure DCCP is disabled - lsmod | CIS Debian Family Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.1 Ensure DCCP is disabled - lsmod | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.1 Ensure DCCP is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.1 Ensure DCCP is disabled (lsmod) | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| CIS Internet Explorer 11 Benchmark Version 1.0.0 | CIS IE 11 v1.0.0 | Windows | |
| CIS_Debian_Family_Linux_v1.0.0_L1_Server.audit from CIS Debian Family Linux Benchmark | CIS Debian Family Server L1 v1.0.0 | Unix | |
| CIS_Debian_Linux_10_v1.0.0_L2_Workstation.audit from CIS Debian Linux 10 Benchmark | CIS Debian 10 Workstation L2 v2.0.0 | Unix | |
| CIS_Kubernetes_v1.1.0_Level_1.audit from CIS Kubernetes Benchmark v1.1.0 | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | |
| CIS_Kubernetes_v1.24_v1.0.0_Level_2_Worker.audit from CIS Kubernetes v1.24 Benchmark v1.0.0 | CIS Kubernetes v1.24 Benchmark v1.0.0 L2 Worker | Unix | CONFIGURATION MANAGEMENT |
| CIS_MongoDB_3.4_Benchmark_Level_1_OS_Unix_v1.0.0.audit from CIS MongoDB 3.4 Benchmark | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | |
| CIS_MongoDB_3.6_Benchmark_Level_1_OS_Windows_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | |
| CIS_MongoDB_5_Benchmark_Level_2_OS_Windows_v1.2.0.audit from CIS MongoDB 5 Benchmark | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | |
| CIS_MongoDB_Benchmark_Level_1_OS_Unix_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | |
| CIS_MongoDB_Benchmark_Level_2_OS_Windows_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | |
| CIS_PostgreSQL_10_v1.0.0_L1_OS_Linux.audit from CIS Benchmark for PostgreSQL 10 | CIS PostgreSQL 10 OS v1.0.0 | Unix | |
| CIS_PostgreSQL_11_v1.0.0_L1_OS_Linux.audit from CIS Benchmark for PostgreSQL 11 | CIS PostgreSQL 11 OS v1.0.0 | Unix | |
| CIS_PostgreSQL_12_v1.1.0_L1_DB.audit from CIS PostgreSQL 12 Benchmark v1.1.0 | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | |
| CIS_PostgreSQL_12_v1.1.0_L1_OS_Linux.audit from CIS PostgreSQL 12 Benchmark v1.1.0 | CIS PostgreSQL 12 OS v1.1.0 | Unix | |
| CIS_PostgreSQL_16_v1.0.0_L1_Database.audit from CIS PostgreSQL 16 Benchmark v1.0.0 | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | |
| CIS_v1.1.0_Oracle_11g_OS_Windows_Level_1.audit from CIS v1.1.0 Oracle 11g | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| Configure IPsec Tunnel Parameters - perfect-forward-secrecy | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| DTBI1075-IE11 - Prevent ignoring certificate errors option must be enabled. | DISA STIG IE 11 v2r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| EX16-MB-000470 - Exchange Internal Receive connectors must not allow anonymous connections. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Prevent ignoring certificate errors | MSCT Windows 10 v21H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent ignoring certificate errors | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent ignoring certificate errors | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent ignoring certificate errors | MSCT Windows Server v2004 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent ignoring certificate errors | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent ignoring certificate errors | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent ignoring certificate errors | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-PK-000005 - The DoD Root CA certificates must be installed in the Trusted Root Store. | DISA Microsoft Windows 11 STIG v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-MS-000390 - The 'Deny log on as a service' user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems. No other groups or accounts must be assigned this right. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL |
