| 1.1.1.3 Ensure mounting of jffs2 filesystems is disabled | CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure jffs2 kernel module is not available | CIS AlmaLinux OS 8 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure jffs2 kernel module is not available | CIS Oracle Linux 8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure jffs2 kernel module is not available | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure jffs2 kernel module is not available | CIS AlmaLinux OS 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure jffs2 kernel module is not available | CIS Debian Linux 11 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure jffs2 kernel module is not available | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure jffs2 kernel module is not available | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2 Ensure /tmp is configured | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.7 Ensure noexec option set on /dev/shm partition | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MEDIA PROTECTION, SYSTEM AND SERVICES ACQUISITION |
| 1.1.8 Ensure nodev option set on /dev/shm partition | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.24 Ensure nosuid option is set for NFS | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.2.5 Ensure removal of software components after update | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4.1 Ensure bootloader password is set - password grub | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.6.1.9 Ensure non-privileged users are prevented from executing privileged functions | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.6.1.10 Ensure system device files are labeled. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.7.3 Ensure the Standard Mandatory DoD Notice and Consent Banner are configured | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.8.3 Ensure GDM session lock is enabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.8.9 Ensure session idle-delay settings is enforced | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.8.15 Ensure graphical user interface automounter is disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | MEDIA PROTECTION |
| 2.2.1 (L1) Ensure 'Control use of insecure content exceptions' is set to 'Enabled: Do not allow any site to load mixed content' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.25 Ensure unrestricted mail relaying is prevented | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure packet redirect sending is disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.3.3 Ensure network interfaces are not in promiscuous mode | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 3.3.8 Ensure Reverse Path Filtering is enabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1.4 Ensure firewalld service enabled and running | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3.2.3 Ensure iptables rules exist for all open ports | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.2.3 Ensure audit system is set to single when the disk is full. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.9 Ensure audit logs on separate system are encrypted. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.13 Ensure login and logout events are collected | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.15 Ensure all uses of the passwd command are audited. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.23 Ensure audit ssh-keysign command. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.24 Ensure audit of crontab command | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.25 Ensure audit of kmod command | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.27 Ensure audit of unlink syscall | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.28 Ensure audit unlinkat syscall | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.30 Ensure audit of the finit_module syscall | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.38 Ensure audit of the su command | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure DCUI is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 5.2 Ensure DCUI is disabled | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 6.4 Zero out VMDK files prior to deletion | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.2.2 Ensure unnecessary CD/DVD devices are disconnected | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.21 Disable Host Guest File System Server | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.24 Disable VM Monitor Control | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.5.1 Ensure VM limits are configured correctly - Num Mem Shares | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.6.1 Avoid using nonpersistent disks | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Apple System Log Files To Mode 640 or Less Permissive | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
