| 1.1.1 Ensure NGINX is installed | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.1.3.2.4 Ensure Set 'Disable Trust Bar Notification for unsigned application add-ins ' is set to Enabled | CIS Microsoft Office Access 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.1 Ensure 'Do Not Show Data Extraction Options When Opening Corrupt Workbooks' is set to Enabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.7.2.1.8 Ensure 'Web Pages and Excel 2003 XML Spreadsheets' is set to Enabled (Open/Save blocked, use open policy) | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.7.2.1.9 Ensure 'Excel 95 Workbooks' is set to Enabled (Open/Save Blocked, Use Open Policy) | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.7.2.1.10 Ensure 'Default File Block Behavior' is set to Enabled (Blocked files are not opened) | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.7.2.1.13 Ensure 'Dif and Sylk Files' is set to Enabled (Open/Save blocked, use open policy) | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.7.2.8 Ensure 'Store Macro In Personal Macro Workbook by Default' is set to Enabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6.6.2.1.1 Ensure 'Default File Block Behavior' to Enabled (Blocked files are not opened) | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.6.2.3.1 Ensure 'Allow Trusted Locations on The Network' is set to Disabled | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.2.1 Ensure 'Do not show data extraction options when opening corrupt workbooks' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.6.3 Ensure 'Do not show AutoRepublish warning alert' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.7.2.1.3 Ensure 'Don't allow Dynamic Data Exchange (DDE) server lookup in Excel' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.2.13 Ensure 'Set default file block behavior' is set to 'Enabled: Blocked files are not opened' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.3.2 Ensure 'Do not open files from the internet zone in Protected View' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.3 Ensure 'Force file extension to match file type' is set to 'Enabled: Always match file type' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.3 Ensure 'Enable automatic replies to remote domains' is set to 'False' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.18.4 Ensure 'Never allow users to specify groups when restricting permission for documents' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 2.5.1.5.1 Ensure 'Automatically download attachments' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.10.4.2.2 Ensure 'Plain Text Options' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.10.6.1.3 Ensure 'Do not allow Outlook object model scripts to run for public folders' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.10.6.1.4 Ensure 'Do not allow Outlook object model scripts to run for shared folders' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.10.8.1.2.1 Ensure 'Access to published calendars' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 2.5.14.2.1.1 Ensure 'Attachment Secure Temporary Folder' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.14.2.1.4 Ensure 'Promote Level 2 errors as errors, not warnings' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.2.7 Ensure 'Signature Warning' is set to 'Enabled: Always warn about invalid signatures' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.1.1 Ensure 'Allow users to demote attachments to Level 2' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.3.6 Ensure 'Configure Outlook object model prompt when responding to meeting and task requests' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.4.3 Ensure 'Security setting for macros' is set to 'Enabled: Warn for signed, disable unsigned' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.8 Ensure 'Prevent users from customizing attachment security settings' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6.6.2.1.1 Ensure 'PowerPoint 97-2003 presentations, shows, templates and add-in files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6.6.2.1.2 Ensure 'Set default file block behavior' to 'Enabled: Blocked files are not opened' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6.6.2.4 Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6.6.3 Ensure 'Make hidden markup visible' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.5 Ensure 'Scan encrypted macros in PowerPoint Open XML presentations' is set to 'Enabled: Scan encrypted macros' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.8.4.1.2 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.11.6.2 Ensure 'Use online translation dictionaries' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.6.1 Ensure 'Default file format' is set to 'Enabled: Word Document (.docx)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.1.1 Ensure 'Set default file block behavior' is set to 'Enabled: Blocked files are not opened' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.3.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.4 Ensure 'Block macros from running in Office files from the Internet' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.6 Ensure 'Dynamic Data Exchange' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.8 Set 'Enable OOF messages to remote domains' to 'None' | CIS Microsoft Exchange Server 2016 Hub v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.11 Set 'Never allow users to specify groups when restricting permission for documents' to 'Enabled' | CIS MS Office Outlook 2010 v1.0.0 | Windows | ACCESS CONTROL |
| Always open untrusted database files in Protected View | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB6E-AE6D-11CF-96B8-444553540000 - office 16.0 - 32-bit | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB6E-AE6D-11CF-96B8-444553540000 - office 16.0 - 64-bit | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB70-AE6D-11CF-96B8-444553540000 - office 16.0 - 32-bit | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Block Flash activation in Office documents - Compatibility Flags - D27CDB70-AE6D-11CF-96B8-444553540000 - office 16.0 - 64-bit | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_Palo_Alto_Firewall_8_Benchmark_L2_v1.0.0.audit from CIS Palo Alto Firewall 8 Benchmark v1.0.0 | CIS Palo Alto Firewall 8 Benchmark L2 v1.0.0 | Palo_Alto | |
