| 18.9.65.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.10.1.4 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Password' is set to 'Enabled: Allow 48-digit recovery password' or higher | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.1.5 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Key' is set to 'Enabled: Allow 256-bit recovery key' or higher | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.1.5 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Key' is set to 'Enabled: Allow 256-bit recovery key' or higher | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.1.5 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Recovery Key' is set to 'Enabled: Allow 256-bit recovery key' or higher | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.10.3.9 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for removable data drives' is set to 'Enabled: False' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | MEDIA PROTECTION |
| 18.10.57.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled' | CIS Windows Server 2012 MS L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled' | CIS Windows Server 2012 R2 DC L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.2.1 (L2) Ensure 'Restrict Remote Desktop Services users to a single Remote Desktop Services session' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| Salesforce.com : Administrator Access - 'No System Administrator accounts have been created since the last scan' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Administrator Access - 'No System Administrator accounts have been modified since the last scan' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : AuthConfig - 'Auth Providers = Facebook Execution User ID' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Facebook' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Janrain' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Consumer Key' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Key' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Consumer Secret' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Issuer' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Consumer Secret' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Default Scope' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - No SSO Auth Providers have been configured | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : CronTrigger - 'Cron Jobs with Status of BLOCKED' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'AddressInactiveAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'AttachmentOption != 2 or 3' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'AuthenticationFailureAction != 2 or 3' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'FunctionInactiveAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'IsTextAttachmentsAsBinary = False' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'OverLimitAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Monitoring Login History - 'Inactive System Administrators' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Monitoring Login History - 'Users that have not logged in' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Network-Based Security - 'Login IP Addresses' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | AUDIT AND ACCOUNTABILITY |
| Salesforce.com : Object Permissions - 'DefaultAccountAccess should not be Public Read/Write or Public Read/Write/Transfer' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Securing Data Access - 'DashboardMobile iPad access' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Setting Password Policies - 'Minimum 1 day password lifetime' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Setting Password Policies - 'minimum password length >= 8' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Setting Password Policies - 'Must mix numbers, uppercase and lowercase letters, and special characters' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Setting Password Policies - 'Obscure secret answer for password resets = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Setting Password Policies - 'passwords expire >= 90' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup Salesforce pages = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND COMMUNICATIONS PROTECTION |
| Salesforce.com : Setting Session Security - 'Review Apex Mobile User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Call Center Auto-Login Users' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Chatter Answers Users' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Offline User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Salesforce Knowledge Users' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Site.com Contributor User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Site.com Publisher User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Wireless User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : User Access - 'No new users have been created since the last scan' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| SalesForce.com : User Permissions - 'Review Active System Administrators' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
