| 1.3 Enable app update installs | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Enable system data files and security update installs - 'ConfigDataInstall' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.2 Disable Bluetooth 'Discoverable' mode when not pairing devices | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.2 Turn off Bluetooth "Discoverable" mode when not pairing devices | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Show Bluetooth status in menu bar | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.1 Set an inactivity interval of 20 minutes or less for the screen saver | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 2.3.3 Verify Display Sleep is set to a value larger than the Screen Saver | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 2.4 Configure TCP Wrappers - Deny access to this server from all networks | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Configure TCP Wrappers - Make sure that /etc/hosts.deny does exist. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.1 Disable Remote Apple Events | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.1 Disable Remote Apple Events | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.3 Disable Screen Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.8 Disable File Sharing - smb | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.8 Disable File Sharing - SMB | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6.4 Enable Firewall Stealth Mode | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.5 Review Application Firewall Rules | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8.2 Time Machine Volumes Are Encrypted | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 Pair the remote control infrared receiver if enabled - 'UIDFilter != none' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 3.1.2 Retain appfirewall.log for 90 or more days | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.1.1 Configure RA Guard | CIS Cisco NX-OS v1.2.0 L1 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events' | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Enable Stack Protection - Makes sure 'noexec_user_stack_log' is set to 1 in /etc/system. Note: Only applicable if NX bit is set. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Enable Stack Protection - Makes sure 'noexec_user_stack' is set to 1 in /etc/system. Note: Only applicable if NX bit is set. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Ensure http server is not running | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.5 Ensure ftp server is not running | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.2 Repair permissions regularly to ensure binaries and other System files have appropriate permissions | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.2 Repair permissions regularly to ensure binaries and other System files have appropriate permissions | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.3 Check System Wide Applications for appropriate permissions | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 5.2.1 Configure account lockout threshold | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 5.2.4 Complex passwords must contain a Numeric Character | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Complex passwords must contain a Symbolic Character | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.7 Password Age | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.8 Disable automatic login | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 6.1.2 Disable "Show password hints" | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.1.5 Remove Guest home folder | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 6.1.5 Remove Guest home folder | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.12 Set EEPROM Security Mode and Log Failed Access - SPARC only. Should *not* be 'security-mode=none'. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.3 Set Strong Password Creation Policies - Check MINLOWER is set to 1 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.3 Set Strong Password Creation Policies - Check NAMECHECK is set to YES | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.6 Set Default umask for Users - Check if 'umask' is set to 077 - Check /etc/profile. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.labelString' is set appropriately. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| CIS_Apple_macOS_10.13_v1.1.0_Level_1.audit from CIS Apple macOS 10.13 Benchmark v1.1.0 | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | |
| CIS_Apple_macOS_10.14_v2.0.0_L1.audit from CIS Apple macOS 10.14 Benchmark v2.0.0 | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | |
| CIS_Apple_macOS_10.15_Catalina_v3.0.0_L2.audit from CIS Apple macOS 10.15 Catalina Benchmark v3.0.0 | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | |
| CIS_Apple_macOS_14.0_Sonoma_v3.0.0_L2.audit from CIS Apple macOS 14.0 Sonoma 3.0.0 | CIS Apple macOS 14.0 Sonoma v3.0.0 L2 | Unix | |
| CIS_Apple_macOS_15.0_Sequoia_v2.0.0_L1.audit from CIS Apple macOS 15.0 Sequoia 2.0.0 | CIS Apple macOS 15.0 Sequoia v2.0.0 L1 | Unix | |
| CIS_Apple_macOS_15.0_Sequoia_v2.0.0_L2.audit from CIS Apple macOS 15.0 Sequoia 2.0.0 | CIS Apple macOS 15.0 Sequoia v2.0.0 L2 | Unix | |
| CIS_Apple_macOS_26_Tahoe_v1.0.0_L1.audit from CIS Apple macOS 26 Tahoe 1.0.0 | CIS Apple macOS 26 Tahoe v1.0.0 L1 | Unix | |
| CIS_Apple_macOS_26_Tahoe_v1.0.0_L2.audit from CIS Apple macOS 26 Tahoe 1.0.0 | CIS Apple macOS 26 Tahoe v1.0.0 L2 | Unix | |
| JUEX-L2-000050 - The Juniper EX switch must be configured to permit authorized users to select a user session to capture. | DISA Juniper EX Series Layer 2 Switch v2r4 | Juniper | AUDIT AND ACCOUNTABILITY |
