| 1.1 Ensure single sign-on (SSO) is configured for your account / organization | CIS Snowflake Foundations v1.0.0 L1 | Snowflake | ACCESS CONTROL |
| 1.1.3 Configure Secure Password Policy - EnsurePassword Memory | CIS F5 Networks v1.0.0 L1 | F5 | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 Configure Secure Password Policy - Maximum Duration | CIS F5 Networks v1.0.0 L1 | F5 | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 Configure Secure Password Policy - Required Numeric | CIS F5 Networks v1.0.0 L1 | F5 | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 Configure Secure Password Policy - User Lockout | CIS F5 Networks v1.0.0 L1 | F5 | IDENTIFICATION AND AUTHENTICATION |
| 1.1.4.6 Set 'Increase scheduling priority' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.8 Set 'Force shutdown from a remote system' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.9 Set 'Change the time zone' to 'LOCAL SERVICE, Administrators, Users' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.29 Set 'Deny log on as a batch job' to 'Guests' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.35 Set 'Generate security audits' to 'Local Service, Network Service' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.5.1.4 Set 'Windows Firewall: Domain: Apply local firewall rules' to 'Yes (default)' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.5.1.5 Set 'Windows Firewall: Domain: Apply local connection security rules' to 'Yes (default)' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.5.1.8 Set 'Windows Firewall: Domain: Logging: Log dropped packets' to 'Yes' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.5.1.9 Set 'Windows Firewall: Domain: Logging: Log successful connections' to 'Yes' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.5.3.3 Set 'Windows Firewall: Public: Apply local connection security rules' to 'No' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.5.3.9 Set 'Windows Firewall: Public: Logging: Size limit (KB)' to '16384 KB or greater' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.2.1 Configure 'Point and Print Restrictions' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.3.1.6 Set 'Turn off Search Companion content file updates' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.3.2.3 Configure 'Do not process the legacy run list' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.3.2.5 Configure 'Turn off app notifications on the lock screen' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.2.3.3.2 Configure 'Turn Off the Display (seconds):' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.3.4.2 Set 'Configure Offer Remote Assistance' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.2.4.1.1 Set 'Turn off Autoplay on' to 'Enabled:All drives' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.2.1.4 Set 'Recovery Key' to 'Allow 256-bit recovery key' | CIS Windows 8 L1 v1.0.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.1.7 Set 'Restrict crypto algorithms or cipher suites to the following:' to '2.16.840.1.101.3.4.1.2;2.16.840.1.101.3.4.1.42' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.1.8 Set 'Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' to 'False' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.2.6 Set 'Use BitLocker software-based encryption when hardware encryption is not available' to 'True' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.2.21 Configure 'Use enhanced Boot Configuration Data validation profile' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.2.27 Set 'Allow Secure Boot for integrity validation' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2.4.2.3.4 Set 'Recovery Key' to 'Do not allow 256-bit recovery key' | CIS Windows 8 L1 v1.0.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.3.16 Set 'Require use of smart cards on removable data drives' to 'True' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.3.19 Configure 'Control use of BitLocker on removable drives' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.3.20 Set 'Do not allow write access to devices configured in another organization' to 'True' | CIS Windows 8 L1 v1.0.0 | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.5 Set 'Select the encryption method:' to 'Enabled:AES 256-bit' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.8 Configure 'Provide the unique identifiers for your organization' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.3.1 Configure 'Require trusted path for credential entry' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2.4.4.2 Set 'Security: Maximum Log Size (KB)' to 'Enabled:20480 or greater' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.2.4.5.2 Configure 'Allow users to connect remotely by using Remote Desktop Services' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.7.2 Set 'Reschedule Automatic Updates scheduled installations' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.4.13 Configure 'Allow all trusted apps to install' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.15 Configure 'Turn off Automatic Download of updates' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.17 Configure 'Turn off location' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 2.1 Configure 'Disable regedit from running silently?' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.1 Ensure that Remote Radius is used for Authentication Only | CIS F5 Networks v1.0.0 L2 | F5 | ACCESS CONTROL |
| 2.4 Ensure External Users' role is set to 'No Access' | CIS F5 Networks v1.0.0 L2 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4 Set 'Do not preserve zone information in file attachments' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.10 Set 'Seconds' to 'Enabled:900 or fewer seconds' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 4.2 Ensure 'Idle timeout' is less than or equal to 10 minutes for SSH connections | CIS F5 Networks v1.0.0 L1 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.4 Ensure 'Idle timeout' is less than or equal to 10 minutes for serial console sessions | CIS F5 Networks v1.0.0 L1 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2 Ensure minimum SNMP version is set to V3 for agent access | CIS F5 Networks v1.0.0 L1 | F5 | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
