| 1.1.1.7 Set 'Store passwords using reversible encryption' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.1.8 Set 'Minimum password age' to '1 or more day(s)' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.2.3 Set 'Audit Policy: Logon-Logoff: IPsec Quick Mode' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.14 Set 'Audit Policy: Logon-Logoff: Network Policy Server' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.15 Set 'Audit Policy: Detailed Tracking: DPAPI Activity' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.19 Set 'Audit Policy: Object Access: Registry' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.21 Set 'Audit Policy: Policy Change: Filtering Platform Policy Change' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.22 Set 'Audit Policy: Object Access: Central Access Policy Staging' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.24 Set 'Audit Policy: Account Logon: Kerberos Authentication Service' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.26 Set 'Audit Policy: Account Management: Application Group Management' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.29 Set 'Audit Policy: Policy Change: Other Policy Change Events' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.33 Set 'Audit Policy: Object Access: File Share' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.37 Set 'Audit Policy: DS Access: Directory Service Replication' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.38 Set 'Audit Policy: Object Access: Filtering Platform Packet Drop' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.47 Set 'Audit Policy: Logon-Logoff: IPsec Main Mode' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.48 Set 'Audit Policy: Account Logon: Credential Validation' to 'Success and Failure' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.3 (L1) Ensure 'Allow Google Cast to connect to Cast devices on all IP addresses' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.8 (L2) Ensure 'Control SafeSites adult content filtering' is set to 'Enabled: Filter top level sites (but not embedded iframes) for adult content' | CIS Google Chrome L2 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13 (L1) Ensure 'Disable saving browser history' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.14 (L1) Ensure 'DNS interception checks enabled' is set to 'Enabled' | CIS Google Chrome L1 v3.0.0 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.25 (L1) Ensure 'List of names that will bypass the HSTS policy check' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.1 (L1) Ensure 'Control use of insecure content exceptions' is set to 'Enabled: Do not allow any site to load mixed content' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.4 (L2) Ensure 'Default third-party storage partitioning setting' Is Enabled and Blocked | CIS Google Chrome L2 v3.0.0 | Windows | ACCESS CONTROL |
| 2.8.1 Ensure 'Allow remote access connections to this machine' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.9.1 (L1) Ensure 'Enable First-Party Sets' Is Disabled | CIS Google Chrome L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.10.1 (L1) Ensure 'Allow automatic sign-in to Microsoft cloud identity providers' Is Enabled | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11 (L1) Ensure 'Allow download restrictions' is set to 'Enabled: Block malicious downloads' | CIS Google Chrome L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.16 (L1) Ensure 'Notify a user that a browser relaunch or device restart is recommended or required' is set to 'Enabled: Show a recurring prompt to the user indication that a relaunch is required' | CIS Google Chrome L1 v3.0.0 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.22 (L1) Ensure 'Enable TLS Encrypted ClientHello' Is Enabled | CIS Google Chrome L1 v3.0.0 | Windows | ACCESS CONTROL, AWARENESS AND TRAINING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.14 (L2) Ensure 'Enable search suggestions' is set to 'Disabled' | CIS Google Chrome L2 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.15 (L2) Ensure 'Enable Translate' is set to 'Disabled' | CIS Google Chrome L2 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.1.1 (L2) Ensure 'Allow or deny screen capture' is set to 'Disabled' | CIS Google Chrome L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 4.2.8 (L2) Ensure 'Block Window Management permission on these sites' Is Configured | CIS Google Chrome L2 v3.0.0 | Windows | ACCESS CONTROL |
| 4.7 (L2) Ensure 'Controls the mode of DNS-over-HTTPS' is set to 'Enabled: DNS-over-HTTPS without insecure fallback' | CIS Google Chrome L2 v3.0.0 | Windows | ACCESS CONTROL, AWARENESS AND TRAINING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 (L2) Ensure 'Incognito mode availability' is set to 'Enabled: Incognito mode disabled' | CIS Google Chrome L2 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.3 (L1) Ensure 'Set disk cache size, in bytes' is set to 'Enabled: 250609664' | CIS Google Chrome L1 v3.0.0 | Windows | MEDIA PROTECTION |
| 6.6 Set Delay between Failed Login Attempts to 4. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.8 Set Default Screen Lock for GNOME Users - Check if timeout is set to 0:10:00 in /usr/openwin/lib/app-defaults/XScreenSaver. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/at.allow permissions are OK. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - Ensure account 'bin' is locked. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - Ensure account 'lp' disallows password login. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - Ensure account 'nobody' is locked. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - Ensure account 'nuucp' is locked. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - should pass if the default shell for 'noaccess' is set to /usr/bin/false. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - should pass if the default shell for 'nuucp' is set to /usr/bin/false. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - should pass if the default shell for 'postgres' is set to /usr/bin/false. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - should pass if the default shell for 'webservd' is set to /usr/bin/false. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.1 Create Warnings for Standard Login Services - Check if /etc/motd is set appropriately. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.3 Create Warnings Banner for GNOME Users - Check if Greeter is set to /usr/bin/gdmlogin | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 9.16 Check for Duplicate GIDs | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
