| 1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 1.2.3 Ensure 'Account lockout threshold' is set to '3 or fewer invalid logon attempt(s), but not 0' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 1.6.15 - TCP/IP Tuning - 'tcp_tcpsecure = 7' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.9 Ensure GNOME Screensaver period of inactivity is configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests, Local account' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.16 (L1) Ensure 'Deny access to this computer from the network' to include 'Guests' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.3.1.2 (L1) Ensure 'Accounts: Guest account status' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.1.2 (L1) Ensure 'Accounts: Guest account status' is set to 'Disabled' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.5.4 Ensure 'Domain controller: LDAP server signing requirements' is set to 'Require signing' (DC only) | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5.3.3 Ensure default user umask is configured | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/login.defs | CIS Debian Family Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/login.defs | CIS Debian Family Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/pam.d/common-session | CIS Debian Family Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/pam.d/common-session | CIS Debian Family Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 11 - Access Control - JAAS | TNS Best Practice Jetty 9 Linux | Unix | |
| 18.4.1 Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.4.1 Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| 18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.1 (L1) Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.1 Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.5.1 Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.20 Ensure 'DoD Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.27 Ensure 'Event Viewer must be protected from unauthorized modification and deletion' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.27 Ensure 'Event Viewer must be protected from unauthorized modification and deletion' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.70 Ensure 'Users with Administrative privileges have separate accounts for administrative duties and normal operational tasks' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.70 Ensure 'Users with Administrative privileges have separate accounts for administrative duties and normal operational tasks' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 49.1 (L1) Ensure 'Accounts: Enable Guest account status' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 49.1 (L1) Ensure 'Accounts: Enable Guest account status' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 89.13 (L1) Ensure 'Deny Access From Network' to include 'Guests, Local account' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 89.13 (L1) Ensure 'Deny Access From Network' to include 'Guests, Local account' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AADC-CL-000280 - Adobe Acrobat Pro DC Classic access to unknown websites must be restricted. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| Adtran : Password Policy - no weak passwords | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| DO6748-ORACLE11 - Case sensitivity for passwords should be enabled - 'sec_case_sensitive_logon = true' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| JBOS-AS-000080 - The JBoss server must generate log records for access and authentication events to the management interface. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| KNOX-07-018900 - The Samsung Android 7 with Knox must use a NIAP certified container for work data and applications. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| SQL4-00-015200 - SQL Server must be monitored to discover unauthorized changes to stored procedures. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL6-D0-013400 - SQL Server must generate audit records when successful and unsuccessful attempts to add privileges/permissions occur. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-014200 - SQL Server must generate audit records when successful and unsuccessful attempts to delete privileges/permissions occur. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
