| 2.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1 Ensure 'Disable Association MAC Randomization' is 'Configured' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.5.1.7 Ensure ufw default deny firewall policy | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recorded | CIS Debian 10 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded | CIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded | CIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded | CIS Oracle Linux 7 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are recorded | CIS Debian 10 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded | CIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded | CIS Debian 10 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.19 Ensure kernel module loading unloading and modification is collected | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.19 Ensure kernel module loading unloading and modification is collected | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.13 Ensure file deletion events by users are collected | CIS Debian Linux 12 v1.1.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.19 Ensure kernel module loading unloading and modification is collected | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.19 Ensure kernel module loading unloading and modification is collected | CIS Debian Linux 12 v1.1.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.8 Ensure events that modify user/group information are collected | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.8 Ensure events that modify user/group information are collected | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.13 Ensure file deletion events by users are collected | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.13 Ensure file deletion events by users are collected | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.19 Ensure kernel module loading unloading and modification is collected | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.4.3.13 Ensure file deletion events by users are collected | CIS Debian Linux 11 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.12 Ensure all HTTP Header Logging options are enabled - Log Container Page | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 18.7.9 (L1) Ensure 'Limits print driver installation to Administrators' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| AIOS-18-015000 - Apple iOS/iPadOS 18 must disable app installation from a website. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| EX19-ED-000238 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005531-ESXI5-000108 - The SSH daemon must not permit tunnels. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| GEN005532-ESXI5-709 - The SSH client must not permit tunnels. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| JUEX-RT-000170 - The Juniper perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the site's address space. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| PHTN-67-000104 - The Photon operating system must not forward IPv4 or IPv6 source-routed packets - net.ipv4.conf.default.accept_source_route | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000104 - The Photon operating system must not forward IPv4 or IPv6 source-routed packets - net.ipv6.conf.default.accept_source_route | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v21H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server 2019 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Prevent per-user installation of ActiveX controls | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Windows Firewall: Prohibit notifications | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Firewall: Prohibit notifications | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Firewall: Prohibit notifications | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
