| 1.1.1.4 Ensure mounting of hfsplus filesystems is disabled - modprobe | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - /etc/modprobe.d/* | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS Debian 8 Workstation L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4 Ensure Install Application Updates from the App Store Is Enabled | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Installation of App Update Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.24 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.27 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.4.3 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.4.3 Ensure 'Maximum Auto-Lock' is set to '2 minutes' or less | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.5.2 Enable Gatekeeper | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.5.3 Ensure HA Reserved Management Interface is configured | CIS Fortigate 7.0.x v1.3.0 L1 | FortiGate | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.6.1.4 Ensure iCloud Drive Document and Desktop Sync is Disabled - Desktop | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.6.1.4 Ensure iCloud Drive Document and Desktop Sync is Disabled - Document | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.22 Disable Mounting of hfsplus Filesystems | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1.10 Ensure 'Force encrypted backups' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.10 Ensure 'Force encrypted backups' is set to 'Enabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.10 Ensure 'Force encrypted backups' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.10 Ensure 'Force encrypted backups' is set to 'Enabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.10 Ensure 'Force encrypted backups' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.10 Ensure 'Force encrypted backups' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2.14 Ensure sshd MACs are configured | CIS Oracle Linux 8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.14 Ensure sshd MACs are configured | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.15 Ensure sshd MACs are configured | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.15 Ensure sshd MACs are configured | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.15 Ensure sshd MACs are configured | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.15 Ensure sshd MACs are configured | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Audit Network Specific Locations | CIS Apple macOS 10.14 v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 Ensure 'Peer Name Resolution Protocol (PNRPsvc)' is set to 'Not Installed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 5.4.1 Ensure password creation requirements are configured - minlen | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 Ensure password creation requirements are configured - ocredit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 Ensure password creation requirements are configured - password-auth try_first_pass | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 Ensure password creation requirements are configured - system-auth retry=3 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 Ensure password creation requirements are configured - ucredit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 Ensure password creation requirements are configured - ucredit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 20.49 Ensure 'Permissions for the Security Event Log must prevent access by non-privileged accounts' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.50 Ensure 'Permissions for the System Event Log must prevent access by non-privileged accounts' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.50 Ensure 'Permissions for the System Event Log must prevent access by non-privileged accounts' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
