| 1.1 Set 'Maximum send size - connector level' to '10240' | CIS Microsoft Exchange Server 2013 Edge v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2 Set 'Maximum receive size - organization level' to '10240' | CIS Microsoft Exchange Server 2013 Hub v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.17 Set 'Maximum send size - organization level' to '10240' | CIS Microsoft Exchange Server 2016 Hub v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.17 Set 'Maximum send size - organization level' to '10240' | CIS Microsoft Exchange Server 2013 Hub v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.1.4 Audit Security Keys Used With Apple Accounts | CIS Apple macOS 15.0 Sequoia v1.1.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1.1.4 Audit Security Keys Used With Apple IDs | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1.1.4 Audit Security Keys Used With Apple IDs | CIS Apple macOS 14.0 Sonoma v2.1.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Audit NTLM authentication in this domain' is set to 'Enable all' (DC only) | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Audit NTLM authentication in this domain' is set to 'Enable all' (DC only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higher | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.11.12 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higher | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.11.12 Ensure 'Network security: Restrict NTLM: Audit NTLM authentication in this domain' is set to 'Enable all' (DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.11.13 (L1) Ensure 'Network security: Restrict NTLM: Audit NTLM authentication in this domain' is set to 'Enable all' (DC only) | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.11.13 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higher | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.11.14 (L1) Ensure 'Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers' is set to 'Audit all' or higher | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 2.3.27.8 (L1) Ensure 'Control how Office handles form-based sign-in prompts' is set to 'Enabled: Block all prompts' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.1.4.1 Ensure Audit logs are owned by root and mode 0600 or less permissive | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2 AIX Auditing - /etc/security/audit/config update | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 18.3.7 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.3.7 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.3.7 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| AIOS-98-080208 - Before establishing a user session, display an administrator-specified advisory notice and consent warning banner. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| DTAM045 - McAfee VirusScan On-Demand scan must be configured to scan all fixed, or local, disks and running processes. - Drives | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM045 - McAfee VirusScan On-Demand scan must be configured to scan all fixed, or local, disks and running processes. - SpecialMemory | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM046 - McAfee VirusScan On-Demand scan must be configured to scan all subfolders. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM046 - McAfee VirusScan On-Demand scan must be configured to scan all subfolders. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM070 - McAfee VirusScan On-Demand scan must be scheduled to be executed at least on a weekly basis. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM070 - McAfee VirusScan On-Demand scan must be scheduled to be executed at least on a weekly basis. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM091 - McAfee VirusScan On-Access Scanner General Settings must be configured to block the connection when a threatened file is detected in a shared folder. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM092 - McAfee VirusScan On-Access General Policies must be configured to unblock connections after a minimum of 30 minutes. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM093 - McAfee VirusScan On-Access General Policies must be configured to block the connection when a file with a potentially unwanted program is detected in a shared folder. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM160 - McAfee VirusScan On-Access General Policies must be configured to not exclude any URL scripts from being scanned unless the URL exclusions have been documented with, and approved by, the ISSO/ISSM/DAA. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| GOOG-09-005505 - The Google Android Pie must be configured to enable audit logging. | MobileIron - DISA Google Android 9.x v2r1 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GOOG-09-005505 - The Google Android Pie must be configured to enable audit logging. | AirWatch - DISA Google Android 9.x v2r1 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| HONW-09-005505 - The Honeywell Mobility Edge Android Pie device must be configured to enable audit logging. | AirWatch - DISA Honeywell Android 9.x COBO v1r2 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| HONW-09-005505 - The Honeywell Mobility Edge Android Pie device must be configured to enable audit logging. | MobileIron - DISA Honeywell Android 9.x COBO v1r2 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| HONW-09-005505 - The Honeywell Mobility Edge Android Pie device must be configured to enable audit logging. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| HONW-09-005505 - The Honeywell Mobility Edge Android Pie device must be configured to enable audit logging. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| MOTO-09-005505 - The Motorola Android Pie must be configured to enable audit logging. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| MOTO-09-005505 - The Motorola Android Pie must be configured to enable audit logging. | MobileIron - DISA Motorola Android Pie.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| MOTO-09-005505 - The Motorola Android Pie must be configured to enable audit logging. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| OL08-00-030122 - The OL 8 audit system must protect logon UIDs from unauthorized change. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030121 - RHEL 8 audit system must protect auditing rules from unauthorized change. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030122 - RHEL 8 audit system must protect logon UIDs from unauthorized change. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010453 - The Ubuntu operating system must display the date and time of the last successful account logon upon logon. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | ACCESS CONTROL |
| UBTU-24-300024 - Ubuntu 24.04 LTS must display the date and time of the last successful account logon upon logon. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| WN10-00-000165 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000390 - Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB server. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
