| 1.5.1 Set 'no snmp-server' to disable SNMP when unused | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.2 Unset 'private' for 'snmp-server community' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.1 Create a single 'interface loopback' | CIS Cisco IOS XE 16.x v2.1.0 L2 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 2.5 Ensure SNMP is configured properly - 'community name private does not exist' | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 3.1.3 Set 'no interface tunnel' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.1 Ensure DCCP is disabled - lsmod | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.3 Ensure RDS is disabled - lsmod | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5 Ensure that Cassandra only listens for network connections on authorized interfaces | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.2 Ensure SCTP is disabled - lsmod | CIS Debian Family Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.2 Ensure SCTP is disabled - lsmod | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.4 Ensure TIPC is disabled - lsmod | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2 Ensure DCUI is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6 Ensure SSH X11 forwarding is disabled | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6 Ensure SSH X11 forwarding is disabled | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.20 Ensure SSH AllowTcpForwarding is disabled | CIS Debian Family Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.21 Ensure SSH AllowTcpForwarding is disabled | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.21 Ensure SSH AllowTcpForwarding is disabled | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.3 Ensure a WildFire file blocking profile is enabled for all security policies allowing Internet traffic flows | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.3 Ensure a WildFire file blocking profile is enabled for all security policies allowing Internet traffic flows | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.3.7 Ensure SSH X11 forwarding is disabled | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.1 Ensure at least one antivirus profile is set to block on all decoders except 'imap' and 'pop3' | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 6.11.3 Ensure Console Port is Set to Disabled | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| 6.14 Ensure alerting after a threshold of credit card or Social Security numbers is detected is enabled - Data Filtering Profile | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.15 Ensure a secure Data Filtering profile is applied to all security policies allowing traffic to or from the Internet | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.1 Ensure unnecessary floppy devices are disconnected | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.2 Ensure unnecessary CD/DVD devices are disconnected | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.6 Ensure unauthorized modification and disconnection of devices is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.7 Ensure unauthorized connection of devices is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.6 Ensure BIOS BBS is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.10 Ensure Unity Window Contents is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.23 Ensure memSchedFakeSampleStats is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.27 Ensure VM Console Paste operations are disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 9.1.15 Ensure that 'Notify about attack paths with the following risk level (or higher)' is enabled | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.9.3 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.9.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.3 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.3 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.3 Ensure 'Turn on behavior monitoring' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.4 Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.4 Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.10.4 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.10.5 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.10.5 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.10.5 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 22.6 (L1) Ensure 'Allow Script Scanning' is set to 'Allowed' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
