| 1.2 Ensure the container host has been Hardened | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4 Harden the container host | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.4 Verify That the MYSQL_PWD Environment Variable is Not in Use | CIS MySQL 8.0 Community Linux OS L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS XE 17.x v2.2.0 L1 | Cisco | SYSTEM AND SERVICES ACQUISITION |
| 2.2.2 Set 'ip address' for 'ntp server' | CIS Cisco IOS XR 7.x v1.0.1 L1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.2.24 (L1) Ensure 'Deny log on through Remote Desktop Services' to include 'Guests' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.1.3 Set the 'ntp trusted-key' | CIS Cisco IOS XE 16.x v2.1.0 L2 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.3.5.3 (L1) Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.5.3 Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.10.8 Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured - Network access: Remotely accessible registry paths and sub-paths is configured | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 4.10.9.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A' | CIS Microsoft Intune for Windows 10 v4.0.0 BL | Windows | MEDIA PROTECTION |
| 4.10.20.1.13 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.22.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | MEDIA PROTECTION |
| 18.9.20.1.13 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.13 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.13 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.14 (L2) Ensure 'Turn off Windows Error Reporting' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.1 (L1) Ensure 'Configure local setting override for reporting to Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| CIS_Amazon_Linux_2_STIG_v2.0.0_L1_Server.audit from CIS Amazon Linux 2 STIG Benchmark v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | |
| CIS_Amazon_Linux_2_STIG_v2.0.0_L1_Workstation.audit from CIS Amazon Linux 2 STIG Benchmark v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | |
| CIS_Amazon_Linux_2_STIG_v2.0.0_L2_Workstation.audit from CIS Amazon Linux 2 STIG Benchmark v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | |
| CIS_Amazon_Linux_2_STIG_v2.0.0_STIG.audit from CIS Amazon Linux 2 STIG Benchmark v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | |
| CIS_Apple_macOS_10.13_v1.1.0_Level_2.audit from CIS Apple macOS 10.13 Benchmark v1.1.0 | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | |
| CIS_Apple_macOS_10.14_v2.0.0_L2.audit from CIS Apple macOS 10.14 Benchmark v2.0.0 | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | |
| CIS_CentOS_6_v3.0.0_Server_L2.audit from CIS CentOS Linux 6 Benchmark v3.0.0 | CIS CentOS 6 Server L2 v3.0.0 | Unix | |
| CIS_CentOS_8_Workstation_L2_v2.0.0.audit from CIS CentOS Linux 8 Benchmark v2.0.0 | CIS CentOS Linux 8 Workstation L2 v2.0.0 | Unix | |
| CIS_Microsoft_SharePoint_2019_OS_v1.0.0_Level_1.audit from CIS Microsoft SharePoint 2019 Benchmark v1.0.0 | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | |
| CIS_Mozilla_Firefox_102_ESR_v1.0.0_Windows_Level2.audit for CIS Mozilla Firefox 102 ESR v1.0.0 | CIS Mozilla Firefox 102 ESR Windows L2 v1.0.0 | Windows | |
| CIS_MySQL_5.7_Community_Benchmark_v2.0.0_Level_1_OS_MS.audit from CIS Oracle MySQL 5.7 Community Edition Benchmark | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | |
| CIS_MySQL_8.4_Community_Benchmark_v1.0.0_Level_1_Database.audit from CIS Oracle MySQL 8.4 Community Edition Benchmark | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | |
| CIS_MySQL_8.4_Community_Benchmark_v1.0.0_Level_1_OS_Linux.audit from CIS Oracle MySQL 8.4 Community Edition Benchmark | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on Linux | Unix | |
| CIS_MySQL_8.4_Community_Benchmark_v1.0.0_Level_2_Database.audit from CIS Oracle MySQL 8.4 Community Edition Benchmark | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database | MySQLDB | |
| CIS_Ubuntu_18.04_LXD_Host_v1.0.0_L2_Workstation.audit from CIS Ubuntu Linux 18.04 LXD Host Benchmark | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | |
| CIS_Ubuntu_Linux_22.04_LTS_v2.0.0_L1_Server.audit from CIS Ubuntu Linux 22.04 LTS Benchmark v2.0.0 | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Server | Unix | |
| CIS_Ubuntu_Linux_22.04_LTS_v2.0.0_L2_Server.audit from CIS Ubuntu Linux 22.04 LTS Benchmark v2.0.0 | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Server | Unix | |
| DKER-EE-001240 - The Docker Enterprise hosts process namespace must not be shared. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | ACCESS CONTROL |
| DKER-EE-001250 - The Docker Enterprise hosts IPC namespace must not be shared. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | ACCESS CONTROL |
| DKER-EE-004130 - Docker Enterprise older Universal Control Plane (UCP) and Docker Trusted Registry (DTR) images must be removed from all cluster nodes upon upgrading. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| O121-C2-018600 - The DBMS must automatically terminate emergency accounts after an organization-defined time period for each type of account. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-C2-018900 - The DBMS must prevent unauthorized and unintended information transfer via shared system resources. | DISA STIG Oracle 12c v3r2 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
