| 18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.7.1 (L1) Ensure 'Audit client does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.7.2 (L1) Ensure 'Audit client does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.2 (L1) Ensure 'Audit server does not support encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.6.8.3 (L1) Ensure 'Audit server does not support signing' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| Android Compliance Policy - Number of previous passwords to prevent reuse | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Android Device Configuration - Encryption | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | SYSTEM AND COMMUNICATIONS PROTECTION |
| Android Device Configuration - Encryption on storage cards | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL |
| Android Device Configuration - Required password type | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Android Work Profile Device Configuration - Require Work Profile Password | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Android Work Profile Device Configuration - Work Profile Password expiration (days) | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Android Work Profile Device Configuration - Work Profile Required password type | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-007300 - DB2 must utilize centralized management of the content captured in audit records generated by all components of DB2. | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvclean.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvnames.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvscan.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-007700 - The EDB Postgres Advanced Server must utilize centralized management of the content captured in audit records generated by all components of the EDB Postgres Advanced Server. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| iOS Compliance Policy - Number of previous passwords to prevent reuse | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| iOS Compliance Policy - Require a password to unlock mobile devices | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| iOS Device Management - Adding Game Center friends | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Automatic app downloads | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Block iCloud Document sync | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Configuration profile changes | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Device name modification | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Find My Friends | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Handoff | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Managed apps sync to cloud | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Number of non-alphanumeric characters in password | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| iOS Device Management - Password expiration (days) | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| iOS Device Management - Photo stream syncing to iCloud | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Safari fraud warnings | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Shared photo stream | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Simple passwords | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Untrusted TLS certificates | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Use of the erase all content and settings option on the device | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Viewing corporate documents in unmanaged apps | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| macOS Compliance Policy - Block Simple Passwords | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| macOS Compliance Policy - Minimum password length | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| macOS Compliance Policy - Number of non-alphanumeric characters in password | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| macOS Compliance Policy - Require a password to unlock devices. | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL |
| macOS Device Management - Firewall | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL |
| macOS Device Management - Number of non-alphanumeric characters in password | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| macOS Device Management - Stealth Mode | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL |
| PPS9-00-007700 - The EDB Postgres Advanced Server must utilize centralized management of the content captured in audit records generated by all components of the EDB Postgres Advanced Server. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-032800 - SQL Server must utilize centralized management of the content captured in audit records generated by all components of the DBMS. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| TCAT-AS-001020 - LockOutRealms must be used for management of Tomcat. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | ACCESS CONTROL |
