| 1.1.8 Ensure that the --profiling argument is set to false | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.2.1 Ensure that the --profiling argument is set to false | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.2.3 - MobileIron - Disable 'Form auto-fill' - 'Samsung SAFE' | MobileIron - CIS Google Android 4 v1.0.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 1.3.2 Ensure that the --profiling argument is set to false | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.4 Ensure that the controller manager pod specification file ownership is set to root:root | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.6 Ensure that the scheduler pod specification file ownership is set to root:root | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.9 Ensure that the Container Network Interface file permissions are set to 644 or more restrictive | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.16 Ensure that the scheduler.conf file ownership is set to root:root | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.17 Ensure that the controller-manager.conf file permissions are set to 644 or more restrictive | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.1 Ensure that the cluster-admin role is only used where required | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.5 Do not admit containers with allowPrivilegeEscalation | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.7 Do not admit containers with dangerous capabilities | CIS Kubernetes 1.11 Benchmark v1.3.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.7 Ensure that the --protect-kernel-defaults argument is set to true | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.12 Ensure that the --cadvisor-port argument is set to 0 | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1 Ensure that the kubelet.conf file permissions are set to 644 or more restrictive | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure that the kubelet service file ownership is set to root:root | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.9 Ensure that the kubelet configuration file ownership is set to root:root | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.19 Disable Mounting of freevxfs Filesystems | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Ensure that docker.service file permissions are set to 644 or more restrictive | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure that the --profiling argument is set to false | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.7 Verify that Docker environment file ownership is set to root:root | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.12 Ensure that Docker server certificate file permissions are set to 444 or more restrictive | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.13 Ensure that Docker server certificate key file ownership is set to root:root | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.18 Ensure that daemon.json file permissions are set to 644 or more restrictive | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.20 Verify that TLS CA certificate file permissions are set to 444 or more restrictive | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.6 Ensure HEALTHCHECK instructions have been added to the container image | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.7 Ensure privileged ports are not mapped within containers | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.10 Ensure Access to .ht* Files Is Restricted | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.5 Configure Network Time Protocol (NTP) - restrict -6 default kod nomodify notrap nopeer noquery | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.4.3 Verify Permissions on /etc/hosts.allow | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.5 Set "mesg n" as Default for All Users - /etc/profile mesg = n | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1 Create Warnings for Standard Login Services - etc/motd perms | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1 Create Warnings for Standard Login Services - etc/issue perms | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1.18 Make the Audit Configuration Immutable | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.2.4 Create and Set Permissions on rsyslog Log Files - /var/log/news/news.notice | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.4 Set User/Group Owner and Permission on /etc/cron.daily | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3.3 Set Permissions on /etc/ssh/sshd_config | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3.10 Do Not Allow Users to Set Environment Options | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.9 Check Permissions on User .netrc Files | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.14 Check User Home Directory Ownership | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 11.1 (L1) Ensure 'Show Status Bar' is not 'Hidden' | CIS MacOS Safari v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 11.2 Remove OS Information from Login Warning Banners - /etc/issue | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.7 Check Permissions on User Home Directories | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.9 Check Permissions on User .netrc Files | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.12 Check That Users Are Assigned Valid Home Directories | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.13 Check User Home Directory Ownership | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| IBM i : Scan File Systems (QSCANFS) - '*ROOTOPNUD' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | CONFIGURATION MANAGEMENT |
