| 1.1 Ensure device firmware is up to date | AirWatch - CIS Google Android 7 v1.0.0 L1 | MDM | |
| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB 3.2 Database Audit L1 v1.0.0 | MongoDB | CONFIGURATION MANAGEMENT |
| 1.1.2 Ensure NGINX is installed from source | CIS NGINX Benchmark v2.1.0 L2 Loadbalancer | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.1.2 Ensure NGINX is installed from source | CIS NGINX Benchmark v2.1.0 L2 Webserver | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS Debian Linux 12 v1.1.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS AlmaLinux OS 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.6.1 Ensure separate partition exists for /var/log/audit | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.16 Ensure separate partition exists for /var/log/audit | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2 Ensure the latest version of Java is installed | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2 Ensure the latest version of Java is installed | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.3 Create mozilla.cfg file | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.3 Create mozilla.cfg file. | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure the latest version of Python is installed | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 3.3 Disable NTLM v1 | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.8 Disable WebRTC - media.peerconnection.enabled | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.8 Disable WebRTC - media.peerconnection.use_document_iceservers | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.8 Disable WebRTC - media.peerconnection.use_document_iceservers | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 7.5 Enable Warning for External Protocol Handler | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.2 Disable JAR from Opening Unsafe File Types | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.2 Disable JAR from Opening Unsafe File Types | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.85.2 Ensure 'Always install with elevated privileges' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.90.2 Ensure 'Always install with elevated privileges' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| AADC-CL-000840 - Adobe Acrobat Pro DC Classic privileged file and folder locations must be disabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| AADC-CL-001010 - Adobe Acrobat Pro DC Classic Protected Mode must be enabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CL-001290 - Adobe Acrobat Pro DC Classic Cloud Synchronization must be disabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| ARDC-CL-000070 - Adobe Reader DC must disable the Adobe Repair Installation. | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| ARDC-CN-000070 - Adobe Reader DC must disable the Adobe Repair Installation. | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO104 - Outlook - Disable user name and password syntax from being used in URLs | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| List bonded NIC groups | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| List networks | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| List patches | TNS Citrix Hypervisor | Unix | SYSTEM AND INFORMATION INTEGRITY |
| List physical storage locations | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000003 - The system must use a separate file system for /var/log. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SQL2-00-010400 - SQL Server auditing configuration maximum file size must be configured to reduce the likelihood of storage capacity being exceeded, while meeting organization-defined auditing requirements - 'max_size' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| VCST-80-000143 The vCenter STS service default documentation must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| WN12-CC-000025 - Device driver updates must only search managed servers, not Windows Update. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000025 - Device driver updates must only search managed servers, not Windows Update. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| XenServer - List networks | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - List physical storage locations | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Only allow access to required network services | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - The hosts.deny file blocks access by default | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - XAPI SSL certificate is in default location | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
