| 1.2.4.11 Set 'Always install with elevated privileges' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.4 Ensure only trusted users are allowed to control Docker daemon | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | ACCESS CONTROL |
| 1.4.1 Ensure permissions on bootloader config are configured | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.2 Ensure bootloader password is set - 'passwd_pbkdf2' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.2 Ensure bootloader password is set - 'passwd_pbkdf2' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.17.1 Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.3.17.2 Ensure 'User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode' is set to 'Prompt for consent on the secure desktop' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.3.17.5 Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.3.17.7 Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 3.1.3 Require explicit authorization for cataloging | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL |
| 3.1.3 Require explicit authorization for cataloging | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 4.2.1.3 Ensure rsyslog default file permissions configured - rsyslog.conf/rsyslog.d | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.2.3 Ensure syslog-ng default file permissions configured | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.9 Set DCUI.Access to allow trusted users to override lockdown mode | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 6.2.5 Ensure root is the only UID 0 account | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 7.1 Secure SYSADM authority - SYSADM Group | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 7.1 Secure SYSADM authority - SYSADM Group | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | ACCESS CONTROL |
| 7.2 Establish a system control group | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux | Unix | ACCESS CONTROL |
| 7.2 Secure SYSCTRL authority - SYSCTRL Group | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 7.2 Secure SYSCTRL authority - SYSCTRL Group Members | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 7.3 Establish a system maintenance group | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | ACCESS CONTROL |
| 7.3 Establish a system maintenance group | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | ACCESS CONTROL |
| 7.3 Secure SYSMAINT Authority | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 7.4 Secure SYSMON Authority | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 9.5 Verify that no UID 0 accounts exist other than root | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Always install with elevated privileges | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Always install with elevated privileges | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Always install with elevated privileges | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Always install with elevated privileges | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Devices: Prevent users from installing printer drivers | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Ensure root is the only UID 0 account | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure rsyslog default file permissions configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| OpenStack Identity - Disable admin token in /etc/keystone/keystone-paste.ini | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| User Account Control: Admin Approval Mode for the Built-in Administrator account | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Admin Approval Mode for the Built-in Administrator account | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Behavior of the elevation prompt for standard users | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Behavior of the elevation prompt for standard users | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Only elevate UIAccess applications that are installed in secure locations | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Run all administrators in Admin Approval Mode | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Run all administrators in Admin Approval Mode | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Run all administrators in Admin Approval Mode | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
