| 1.2.3 - MobileIron - Disable 'Form auto-fill' - 'Samsung SAFE' | MobileIron - CIS Google Android 4 v1.0.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 1.6.1 Ensure that the cluster-admin role is only used where required | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.5 Do not admit containers with allowPrivilegeEscalation | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.9 Ensure that the kubelet configuration file ownership is set to root:root | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.2 Disable Internet Sharing | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.19 Disable Mounting of freevxfs Filesystems | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Ensure that docker.service file permissions are set to 644 or more restrictive | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.7 Verify that Docker environment file ownership is set to root:root | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.12 Ensure that Docker server certificate file permissions are set to 444 or more restrictive | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.13 Ensure that Docker server certificate key file ownership is set to root:root | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.18 Ensure that daemon.json file permissions are set to 644 or more restrictive | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.20 Verify that TLS CA certificate file permissions are set to 444 or more restrictive | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.6 Ensure HEALTHCHECK instructions have been added to the container image | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.5 NFS - 'nfs.v4.write_delegation = on' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.7 Ensure privileged ports are not mapped within containers | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.10 Ensure Access to .ht* Files Is Restricted | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.5 Configure Network Time Protocol (NTP) - restrict -6 default kod nomodify notrap nopeer noquery | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.2 Ensure that database file permissions are set correctly | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.4.3 Verify Permissions on /etc/hosts.allow | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.5 Set "mesg n" as Default for All Users - /etc/profile mesg = n | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1 Create Warnings for Standard Login Services - etc/motd perms | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1 Create Warnings for Standard Login Services - etc/issue perms | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1.18 Make the Audit Configuration Immutable | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.2.4 Create and Set Permissions on rsyslog Log Files - /var/log/news/news.notice | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.4 Set User/Group Owner and Permission on /etc/cron.daily | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3.3 Set Permissions on /etc/ssh/sshd_config | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3.10 Do Not Allow Users to Set Environment Options | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.9 Check Permissions on User .netrc Files | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.14 Check User Home Directory Ownership | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 11.1 (L1) Ensure 'Show Status Bar' is not 'Hidden' | CIS MacOS Safari v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 11.2 Remove OS Information from Login Warning Banners - /etc/issue | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.7 Check Permissions on User Home Directories | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.9 Check Permissions on User .netrc Files | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.12 Check That Users Are Assigned Valid Home Directories | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.13 Check User Home Directory Ownership | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| Ensure ntp is configured - restrict -6 | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure permissions on /etc/cron.daily are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure permissions on /etc/hosts.allow are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure permissions on /etc/hosts.deny are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure users' home directories permissions are 750 or more restrictive | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Fortigate - Use non default admin access ports - 'HTTPS' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| IBM i : Scan File Systems (QSCANFS) - '*ROOTOPNUD' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | CONFIGURATION MANAGEMENT |
| OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/policy.json | TNS OpenStack Keystone/Identity Security Guide | Unix | CONFIGURATION MANAGEMENT |
| OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/logging.conf | TNS OpenStack Keystone/Identity Security Guide | Unix | CONFIGURATION MANAGEMENT |
| OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/ssl/certs/ca.pem | TNS OpenStack Keystone/Identity Security Guide | Unix | CONFIGURATION MANAGEMENT |
| OpenStack Networking - strict permissions set for Compute configuration files - /etc/neutron/api-paste.ini | TNS OpenStack Neutron/Networking Security Guide | Unix | CONFIGURATION MANAGEMENT |
| OpenStack Networking - user/group ownership of config files set to root/neutron - /etc/neutron/neutron.conf | TNS OpenStack Neutron/Networking Security Guide | Unix | CONFIGURATION MANAGEMENT |
