| 1.1.1.6 Ensure mounting of squashfs filesystems is disabled - modprobe | CIS Debian Family Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2 Ensure /tmp is configured | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.13 Ensure separate partition exists for /home | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.22 Disable Automounting | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.23 Disable USB Storage - lsmod | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.23 Disable USB Storage - modprobe | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.23 Disable USB Storage - modprobe | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.7.1.4 Ensure all AppArmor Profiles are enforcing - complain mode | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL |
| 1.7.1.4 Ensure all AppArmor Profiles are enforcing - profiles loaded | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL |
| 4.1.1.1 Ensure auditd is installed | CIS Debian Family Workstation L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.1.1 Ensure auditd is installed - audit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.3 Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt' | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.4 Ensure audit_backlog_limit is sufficient | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3 Ensure events that modify date and time information are collected - auditctl adjtimex settimeofday 32-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.3 Ensure events that modify date and time information are collected - rules.d adjtimex settimeofday 64-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.3 Ensure events that modify date and time information are collected - rules.d clock_settime 64-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.5 Ensure events that modify the system's network environment are collected - rules.d /etc/issue.net | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.1.5 Ensure events that modify the system's network environment are collected - rules.d sethostname setdomainname 32-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/ | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - rules.d /usr/share/selinux/ | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown 64-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl setxattr 64-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure discretionary access control permission modification events are collected - rules.d chmod 32-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure discretionary access control permission modification events are collected - rules.d setxattr 32-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure discretionary access control permission modification events are collected - rules.d setxattr 64-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES 32-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - auditctl EACCES 64-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - EPERM | CIS Debian Family Workstation L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 32-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 64-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure use of privileged commands is collected | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.13 Ensure file deletion events by users are collected - auditctl 64-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.13 Ensure file deletion events by users are collected - delete x64 | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.14 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoers.d/ | CIS Debian Family Workstation L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.14 Ensure changes to system administration scope (sudoers) is collected - auditctl /etc/sudoers.d/ | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.15 Ensure system administrator command executions (sudo) are collected - auditctl b64 actions | CIS Debian Family Workstation L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.15 Ensure system administrator command executions (sudo) are collected - rules.d 32-bit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmod | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl /sbin/modprobe | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.21 Ensure SSH AllowTcpForwarding is disabled - sshd_config | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 8.4.11 Ensure Shell Action is disabled | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.35.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.4.1 (L1) Ensure 'Enable EDR in block mode' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CISC-RT-000710 - The Cisco PE switch must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain. | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-NM-000118 - The Palo Alto Networks security platform must not use SNMP Versions 1 or 2. | DISA STIG Palo Alto NDM v3r3 | Palo_Alto | MAINTENANCE |
| VCFL-67-000005 - vSphere Client must be configured with FIPS 140-2 compliant ciphers for HTTPS connections. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000031 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Severe - 5>2 | DISA STIG Microsoft Defender Antivirus v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
