| 1.1.1.5 Set 'Enforce password history' to '24 or more password(s)' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.2.13 Set 'Audit Policy: System: Security State Change' to 'Success and Failure' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.28 Set 'Audit Policy: Object Access: Kernel Object' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.30 Set 'Audit Policy: Object Access: Application Generated' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.32 Set 'Audit Policy: Policy Change: Audit Policy Change' to 'Success and Failure' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.35 Set 'Audit Policy: System: Other System Events' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.36 Set 'Audit Policy: Logon-Logoff: Other Logon/Logoff Events' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.46 Set 'Audit Policy: Object Access: Removable Storage' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.51 Set 'Audit Policy: Detailed Tracking: Process Creation' to 'Success' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.54 Set 'Audit Policy: Object Access: File System' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.3.1.1 Set 'Accounts: Block Microsoft accounts' to 'Users can't add or log on with Microsoft accounts' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3.1.5 Set 'Accounts: Guest account status' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.3.2.2 Enable 'Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.3.3.1 Configure 'DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.3.5.1 Set 'Domain member: Require strong (Windows 2000 or later) session key' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.3.5.2 Set 'Domain member: Digitally sign secure channel data (when possible)' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.3.5.3 Set 'Domain member: Digitally encrypt secure channel data (when possible)' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.3.6.3 Configure 'Interactive logon: Require smart card' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3.6.6 Set 'Interactive logon: Require Domain Controller authentication to unlock workstation' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.3.6.8 Set 'Interactive logon: Do not require CTRL+ALT+DEL' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.3.8.1 Set 'Microsoft network server: Disconnect clients when logon hours expire' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3.8.3 Set 'Microsoft network server: Digitally sign communications (if client agrees)' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.3.9.2 Configure 'MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.3.9.4 Set 'MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning' to '<= 0.9' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.3.9.5 Set 'MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)' to 'Highest protection' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.3.9.6 Set 'MSS: (AutoReboot) Allow Windows to automatically restart after a system crash' to 'Not Defined' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.3.9.13 Configure 'MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments)' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.3.9.15 Set 'MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (protects against packet spoofing)' to 'Highest' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.3.10.6 Set 'Network access: Sharing and security model for local accounts' to 'Classic - local users authenticate as themselves' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.1.3.10.7 Set 'Network access: Remotely accessible registry paths and sub-paths' to the following list | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.3.11.4 Set 'Network security: Allow LocalSystem NULL session fallback' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.3.11.9 Configure 'Network Security: Restrict NTLM: Add remote server exceptions for NTLM authentication' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.3.11.15 Set 'Network Security: Configure encryption types allowed for Kerberos' to 'RC4\AES128\AES256\Future types' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.3.13.1 Set 'Shutdown: Clear virtual memory pagefile' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.4.1 Configure 'Allow log on through Remote Desktop Services' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.6 Set 'Increase scheduling priority' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.8 Set 'Force shutdown from a remote system' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.9 Set 'Change the time zone' to 'LOCAL SERVICE, Administrators, Users' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.14 Set 'Take ownership of files or other objects' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.18 Set 'Back up files and directories' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.24 Set 'Perform volume maintenance tasks' to 'Administrators' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.29 Set 'Deny log on as a batch job' to 'Guests' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.4.35 Set 'Generate security audits' to 'Local Service, Network Service' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.1.5.1.4 Set 'Windows Firewall: Domain: Apply local firewall rules' to 'Yes (default)' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Ensure 'forms authentication' is set to use cookies - Default | CIS IIS 7 L2 v1.8.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.1 Ensure FTP requests are encrypted - Control Channel Sites | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure TLS 1.0 is enabled - DisabledByDefault | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure TLS 1.0 is disabled | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure RC4 Cipher Suites is disabled - RC4 40/128 | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.14 Ensure TLS Cipher Suite ordering is configured | CIS IIS 7 L2 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
