| 1.1.22 Disable Automounting | CIS Debian 9 Server L1 v1.0.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.22 Disable Automounting | CIS Debian 9 Workstation L2 v1.0.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.1 Ensure bootloader password is set | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.4.1 Ensure bootloader password is set - password user | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.4.1 Ensure bootloader password is set - superusers efi | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.1.11 Ensure print server services are not in use | CIS Debian Linux 11 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.11 Ensure print server services are not in use | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.11 Ensure print server services are not in use | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.11 Ensure print server services are not in use | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.11 Ensure print server services are not in use | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.11 Ensure print server services are not in use | CIS Debian Linux 11 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.11 Ensure print server services are not in use | CIS Debian Linux 12 v1.1.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.12 Ensure print server services are not in use | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure print server services are not in use | CIS CentOS Linux 7 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure print server services are not in use | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure print server services are not in use | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure print server services are not in use | CIS Rocky Linux 8 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure print server services are not in use | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.1.2 Ensure 'Word 2 and earlier binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.10.9.1.1 (BL) Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v4.0.0 BL | Windows | MEDIA PROTECTION |
| 18.2.5 Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.2.6 Ensure 'Password Settings: Password Age (Days)' is set to 'Enabled: 30 or fewer' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.8.7.1.1 (BL) Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.7.1.1 (BL) Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | MEDIA PROTECTION |
| 18.9.7.1.1 (BL) Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 BL | Windows | MEDIA PROTECTION |
| 18.9.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG | Windows | MEDIA PROTECTION |
| 18.9.7.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Also apply to matching devices that are already installed.' is set to 'True' (checked) | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | MEDIA PROTECTION |
| 18.9.59.3.9.3 Ensure 'Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 26.3 (L1) Ensure 'Device Password Enabled: Min Device Password Complex Characters' is set to 'Digits and lowercase letters are required' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Out of Scope Supplemental | NIST macOS Catalina v1.5.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| CISC-ND-001140 - The Cisco switch must be configured to encrypt SNMP messages using a FIPS 140-2 approved algorithm. | DISA Cisco NX OS Switch NDM STIG v3r3 | Cisco | ACCESS CONTROL |
| ESXI-70-000010 - The ESXi host Secure Shell (SSH) daemon must use FIPS 140-2 validated cryptographic modules to protect the confidentiality of remote access sessions. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | ACCESS CONTROL |
| ESXI-70-000274 - The ESXi host SSH daemon must be configured to only use FIPS 140-2 validated ciphers. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN000600-2 - Global settings defined in system-auth must be applied in the pam.d definition files - '/etc/pam.d/system-auth' | DISA STIG for Oracle Linux 5 v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN002825-2 - The audit system must be configured to audit the loading and unloading of dynamic kernel modules - delete_module - 'delete_module' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Monterey - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Out of Scope Supplemental | NIST macOS Monterey v1.0.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-015500 - Oracle Database must use NIST-validated FIPS 140-2/140-3 compliant cryptography for authentication mechanisms. | DISA Oracle Database 19c STIG v1r1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015500 - Oracle Database must use NIST-validated FIPS 140-2/140-3 compliant cryptography for authentication mechanisms. | DISA Oracle Database 19c STIG v1r1 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-012300 - PostgreSQL must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PPS9-00-004900 - The EDB Postgres Advanced Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010110 - RHEL 8 must encrypt all stored passwords with a FIPS 140-2 approved cryptographic hashing algorithm. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
