| 1.1.3.1 Configure Authorization | CIS Cisco IOS XR 7.x v1.0.1 L2 | Cisco | ACCESS CONTROL |
| 1.2.1 Ensure the container host has been Hardened | CIS Docker v1.7.0 L1 Docker - Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - DPKG | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - RPM | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - Running Processes | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - Sockets | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.6.6.2.6 Ensure 'Require That Application Add-ins are Signed by Trusted Publisher' is set to Enabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_FCHROOT : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEGID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEUID : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETPGID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREGID : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3 Set 'Always expand groups in Office when restricting permission for documents' to 'Enabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - AcroRd32.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - INFOPATH.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - java.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - javaw.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - MSACCESS.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - MSPUB.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - OUTLOOK.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - PPTVIEW.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - VISIO.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - wordpad.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.6.1.2 Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.6.1.2 (L1) Ensure 'Configure Attack Surface Reduction rules: Set the state for each ASR rule' is configured | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Allow users to demote attachments to Level 2 | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow users to demote attachments to Level 2 | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Big Sur - Disable Power Nap | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT |
| DTOO126 - Access - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Outlook - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Publisher - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Access - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 Access v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - OneNote - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Word - Links that invoke instances of IE from within an Office product must be blocked. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - Excel - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - OneNote - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 OneNote v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - Publisher - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 Publisher v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - Word - File Downloads must be configured for proper restrictions. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO196 - A mix of policy and user locations for Office Products must be disallowed. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| DTOO197 - Smart Documents use of Manifests in Office must be disallowed. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| DTOO207 - Office System - Document Information panel Beaconing must show UI. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - Excel - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - Project - ActiveX Installs must be configured for proper restriction. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Macro Notification Settings - vbarequirelmtrustedpublisher | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Macro Notification Settings - vbawarnings | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000007 - Trust Bar notifications must be configured to display information in the Message Bar about the content that has been automatically blocked. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
| O365-CO-000010 - Users must be prevented from creating new trusted locations in the Trust Center. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | ACCESS CONTROL |
| O365-CO-000012 - Office applications must not load XML expansion packs with Smart Documents. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | CONFIGURATION MANAGEMENT |
