| 6.2.1 Ensure Protect Mail Activity in Mail Is Enabled | CIS Apple macOS 14.0 Sonoma v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.1 Ensure Protect Mail Activity in Mail Is Enabled | CIS Apple macOS 15.0 Sequoia v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.1 Ensure Protect Mail Activity in Mail Is Enabled | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 6.3.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 6.3.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 6.3.3 Ensure Warn When Visiting A Fraudulent Website in Safari Is Enabled | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3.3 Ensure Warn When Visiting A Fraudulent Website in Safari Is Enabled | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3.3 Ensure Warn When Visiting A Fraudulent Website in Safari Is Enabled | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3.5 Audit Hide IP Address in Safari Setting | CIS Apple macOS 14.0 Sonoma v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3.5 Audit Hide IP Address in Safari Setting | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3.5 Audit Hide IP Address in Safari Setting | CIS Apple macOS 15.0 Sequoia v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1.1 Ensure Protect Mail Activity in Mail Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1.1 Ensure Protect Mail Activity in Mail Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1.1 Ensure Protect Mail Activity in Mail Is Enabled | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 7.2.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 7.2.1 Ensure Automatic Opening of Safe Files in Safari Is Disabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 7.2.4 Ensure Warn When Visiting A Fradulent Website in Safari Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.4 Ensure Warn When Visiting A Fradulent Website in Safari Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.4 Ensure Warn When Visiting A Fradulent Website in Safari Is Enabled | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.6 Audit Hide IP Address in Safari Setting | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.6 Audit Hide IP Address in Safari Setting | CIS Apple macOS 11.0 Big Sur v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.6 Audit Hide IP Address in Safari Setting | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.80.1.1 (L1) Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled: Warn and prevent bypass' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft Sharepoint Designer 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft Word 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - File downloads must be configured for proper restrictions. | DISA STIG Microsoft Sharepoint Designer 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - File Downloads must be configured for proper restrictions. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO292 - Document behavior if file validation fails must be set - openinprotectedview | DISA STIG Microsoft Word 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO337 - Word 95 binary documents and templates must be configured to edit in protected view. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO338 - Word 97 binary documents and templates must be configured to edit in protected view. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO605 - Files on local Intranet UNC must be opened in Protected View. | DISA STIG Microsoft Word 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000080 - Oracle JRE 8 must disable dialog enabling users to grant permissions - deployment.security.askgrantdialog.notinca.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000080 - Oracle JRE 8 must disable the dialog enabling users to grant permissions - deployment.security.askgrantdialog.notinca | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000090 - Oracle JRE 8 must lock the dialog enabling users to grant permissions - deployment.security.askgrantdialog.show | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000090 - Oracle JRE 8 must lock the dialog enabling users to grant permissions - deployment.security.askgrantdialog.show.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000682 - The Online Web Part Gallery must be configured for limited access. | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000683 - SharePoint-specific malware (i.e., anti-virus) software must be integrated and configured - 'Scan Documents on Download is enabled' | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000683 - SharePoint-specific malware (i.e., anti-virus) software must be integrated and configured - 'Scan Documents on Upload is enabled' | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000683 - SharePoint-specific malware (i.e., anti-virus) software must be integrated and configured. | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
