| 1.1.1.1.3 Ensure passcode is set to have at least 1 number | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.7 Log Auditing | Tenable ZTE ROSNG | ZTE_ROSNG | AUDIT AND ACCOUNTABILITY |
| 1.13 OL08-00-010110 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Protection Policy for the CPS Control Engine | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4 (L2) Ensure 'Default notification setting' is set to 'Enabled: Do not allow any site to show desktop notifications' | CIS Google Chrome L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.6 - MobileIron - Set Maximum Auto-lock | MobileIron - CIS Apple iOS 8 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 2.2.9 (L2) Ensure 'Default notification setting' is set to 'Enabled: Do not allow any site to show desktop notifications' | CIS Google Chrome Group Policy v1.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 3.8 Ensure the Lock File Is Secured - 'LockFile directory' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.8 Ensure the Lock File Is Secured - 'LockFile permissions' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 6.4 Ensure VMDK files are zeroed out prior to deletion | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | |
| 6.7 Ensure that the EC2 Metadata Service only allows IMDSv2 | CIS Amazon Web Services Foundations v7.0.0 L1 | amazon_aws | CONFIGURATION MANAGEMENT |
| 8.2.3 Disconnect unauthorized devices - Parallel Devices | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.21 Ensure Host Guest File System Server is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.5.1 Ensure VM limits are configured correctly - CPU Share Level | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.5.1 Prevent virtual machines from taking over resources - Mem Share Level | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.6.1 Ensure nonpersistent disks are limited | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | AUDIT AND ACCOUNTABILITY |
| 8.7.1 Ensure VIX messages from the VM are disabled | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 18.2.5 Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.6.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.6.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.6.8.1 Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.59.3.9.3 Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| ARST-L2-000200 - The Arista MLS layer 2 switch must not use the default VLAN for management traffic. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | CONTINGENCY PLANNING |
| ARST-L2-000200 - The Arista MLS layer 2 switch must not use the default VLAN for management traffic. | DISA Arista MLS EOS 4.X L2S STIG v2r3 | Arista | CONTINGENCY PLANNING |
| AZLX-23-001270 - Amazon Linux 2023 must implement a FIPS 140-2/140-3 compliant systemwide cryptographic policy. | DISA Amazon Linux 2023 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Administrative Action Events | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Administrative Action Events | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Administrative Action Events | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Administrative Action Events | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated - '$ORACLE_HOME/network/admin/sqlnet.ora SSL_CIPHER_SUITES is configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO240 - Outlook - The ability to display level 1 attachments must be disallowed. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO243 - The prompt to display level 1 attachments must be disallowed when closing an item. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN000140-2 - A file integrity baseline including cryptographic hashes must be created and maintained - 'cryptographic hash is used ' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002760-2 - The audit system must be configured to audit all administrative, privileged, and security actions - '/etc/audit.rules' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN002760-2 - The audit system must be configured to audit all administrative, privileged, and security actions - '/etc/audit.rules' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2/140-3 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r4 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| OL08-00-010120 - OL 8 must employ FIPS 140-2 approved cryptographic hashing algorithms for all stored passwords. | DISA Oracle Linux 8 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SRG-OS-000159-ESXI5 - The SSH client must be configured to only use FIPS 140-2 approved ciphers. | DISA VMWare ESXi 5.0 Server STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
