| 1.1 (L1) Ensure 'Allow Cortana Above Lock' is set to 'Block' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.21 Ensure the TFTP server has not been installed | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.22 Ensure TFTP daemon is configured to operate in secure mode | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.27 Ensure ldap_id_use_start_tls is set for LDAP. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.3.5 Ensure LDAP client is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure nonessential services are removed or masked | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.1.1 Disable IPv6 | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.4.1 Ensure DCCP is disabled | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.4.1 Ensure DCCP is disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 3.4.2 Ensure SCTP is disabled | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 4.10.20.1.5 (L1) Ensure 'Turn off Internet download for Web publishing and online ordering wizards' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.10.20.1.11 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 4.10.30.1 (L1) Ensure 'Configure Offer Remote Assistance' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.10.40.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 4.11.36.4.2.1 (L2) Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.3 (L1) Ensure 'Computer Browser (Browser)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.10 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.10 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 5.11 (L1) Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 5.29 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.32 (L1) Ensure 'Windows Media Player Network Sharing Service (WMPNetworkSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 6.2.16 Ensure no users have .netrc files | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 18.6.4.4 (L1) Ensure 'Turn off multicast name resolution' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.8.5 (L1) Ensure 'Enable remote mailslots' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.6.11.3 (L1) Ensure 'Prohibit use of Internet Connection Sharing on your DNS domain network' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.6 (L1) Ensure 'Turn off Internet download for Web publishing and online ordering wizards' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.30.1.1 (L1) Ensure 'Block NetBIOS-based discovery for domain controller location' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.35.2 (L1) Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.2 (L1) Ensure 'Enable App Installer Experimental Features' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.4 (L1) Ensure 'Enable App Installer Local Archive Malware Scan Override' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.6 (L1) Ensure 'Enable App Installer ms-appinstaller protocol' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.10.29.6 (L1) Ensure 'Turn off shell protocol protected mode' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.44.2 (L1) Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.44.3 (L1) Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.44.5 (L1) Ensure 'Configure Microsoft Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.44.5 (L1) Ensure 'Configure Microsoft Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.10.59.5 (L1) Ensure 'Allow indexing of encrypted files' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.59.6 (L1) Ensure 'Allow search and Cortana to use location' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.59.6 (L1) Ensure 'Allow search and Cortana to use location' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.10.78.1 (L1) Ensure 'Enables or disables Windows Game Recording and Broadcasting' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 81.1 (L2) Ensure 'Bluetooth Audio Gateway Service (BTAGService)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 81.6 (L2) Ensure 'Geolocation Service (lfsvc)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 81.7 (L1) Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 81.14 (L2) Ensure 'Print Spooler (Spooler)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 81.21 (L2) Ensure 'Remote Registry (RemoteRegistry)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 81.22 (L1) Ensure 'Routing and Remote Access (RemoteAccess)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 81.25 (L2) Ensure 'SNMP Service (SNMP)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 81.27 (L1) Ensure 'SSDP Discovery (SSDPSRV)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 81.30 (L2) Ensure 'Windows Error Reporting Service (WerSvc)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 93.1 (L1) Ensure 'Allow Auto Connect To Wi Fi Sense Hotspots' is set to 'Block' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
