| 1.1 Ensure the Pre-Installation Planning Checklist Has Been Implemented | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | |
| 1.1 Ensure the Pre-Installation Planning Checklist Has Been Implemented | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | |
| 2.4.2 Ensure all the login accounts having specific trusted hosts enabled | CIS Fortigate 7.0.x v1.3.0 L1 | FortiGate | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 3.1.6 Ensure that usage is restricted and expiry is enforced for Databricks personal access tokens | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | ACCESS CONTROL |
| 3.5.1 Ensure 'VPN' is 'Configured' | AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | |
| 3.5.1 Ensure 'VPN' is 'Configured' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.6.3.6 Ensure default deny firewall policy - input | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.3.10 Ensure successful file system mounts are collected | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Create network specific locations | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| 4.4 Ensure only authorized users and groups belong to the esxAdminsGroup group | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | ACCESS CONTROL |
| 4.5 Ensure CloudTrail configuration changes are monitored | CIS Amazon Web Services Foundations v5.0.0 L1 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 4.6 Ensure only authorized users and groups belong to the esxAdminsGroup group | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | ACCESS CONTROL |
| 4.7 (L1) Ensure only authorized users and groups belong to the esxAdminsGroup group | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | ACCESS CONTROL |
| 5.2.3.10 Ensure successful file system mounts are collected | CIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.10 Ensure successful file system mounts are collected | CIS Amazon Linux 2023 Server L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recorded | CIS AlmaLinux OS 8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recorded | CIS Red Hat EL8 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recorded | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded | CIS AlmaLinux OS 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.17 Ensure successful and unsuccessful attempts to use the chacl command are recorded | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.4 Ensure events that modify date and time information are collected | CIS Debian Linux 12 v1.1.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.4 Ensure events that modify date and time information are collected | CIS AlmaLinux OS 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.4 Ensure events that modify date and time information are collected | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Display Policy Banner at Remote Login | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Managed Access Control Points | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Managed Access Control Points | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Managed Access Control Points | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Catalina - Managed Access Control Points | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Catalina - Managed Access Control Points | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| DTOO126 - Add-on Management functionality must be allowed in PowerPoint. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Add-on Management functionality must be allowed. | DISA STIG Microsoft Excel 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Excel - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Excel v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Project - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-65-000048 - The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-67-000048 - The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000250 - Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List entries must be empty. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000255 - The Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List Connection filter must be enabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000138 - The Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List Connection filter must be enabled. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| GEN002400 - The system must be checked weekly for unauthorized setuid files as well as unauthorized modification to setuid files. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| MADB-10-000800 - MariaDB must be able to generate audit records when unsuccessful attempts to retrieve privileges/permissions occur. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| Monterey - Display Policy Banner at Remote Login | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Managed Access Control Points | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Monterey - Managed Access Control Points | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| O19C-00-014800 - Oracle Database must for password-based authentication, store passwords using an approved salted key derivation function, preferably using a keyed hash. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000059 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000062 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000156 - The contents of exposed configuration files must be verified. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| WN12-AD-000013-DC - Directory data (outside the root DSE) of a non-public directory must be configured to prevent anonymous access. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
