| 2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure 'Access this computer from the network' is set to 'Administrators, Remote Desktop Users' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.24 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.7 Ensure 'cookies' are set with HttpOnly attribute | CIS IIS 8.0 v1.5.1 Level 1 | Windows | ACCESS CONTROL |
| 3.7 Ensure 'cookies' are set with HttpOnly attribute - Applications | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 3.7 Ensure 'cookies' are set with HttpOnly attribute - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.10 Ensure Access to .ht* Files Is Restricted | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.10 Ensure Access to .ht* Files Is Restricted | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.10 Ensure Access to .ht* Files Is Restricted | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 6.1 Ensure FTP requests are encrypted - Control Channel Sites | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1 Ensure FTP requests are encrypted - Data Channel Sites | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3.9 Audit Pop-up Windows | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3.9 Audit Pop-up Windows | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure all HTTP Header Logging options are enabled - Log Container Page | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure all HTTP Header Logging options are enabled - Referer | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.1 Disable unnecessary or superfluous functions inside VMs | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 8.3.1 Disable unnecessary or superfluous functions inside VMs | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 10.2 Restrict access to the web administration | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | ACCESS CONTROL |
| Adtran : Ensure the default 'admin' username is not used | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Default Authentication Realm | Tenable Cisco ACI | Cisco_ACI | ACCESS CONTROL |
| DISA_STIG_MongoDB_Enterprise_Advanced_3.x_DB_v2r3.audit from DISA MongoDB Enterprise Advanced 3.x v2r3 STIG | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | |
| DTBI750 - Updates to web site lists from Microsoft must be disallowed. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - AutoUpdate - Enabled | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Password Policy - User Lockout - Enabled | TNS SonicWALL v5.9 | SonicWALL | |
| SYMP-AG-000070 - Symantec ProxySG must restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic - SSL | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-NM-000150 - Symantec ProxySG must employ automated mechanisms to centrally verify authentication settings - Policy Review | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | CONFIGURATION MANAGEMENT |
| Turn off Internet download for Web publishing and online ordering wizards | MSCT Windows 10 1803 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Internet download for Web publishing and online ordering wizards | MSCT Windows 10 1909 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Internet download for Web publishing and online ordering wizards | MSCT Windows 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Internet download for Web publishing and online ordering wizards | MSCT Windows 11 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Internet download for Web publishing and online ordering wizards | MSCT Windows 10 v21H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Internet download for Web publishing and online ordering wizards | MSCT Windows 10 v1507 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| VCWN-06-000039 - Passwords must be at least 15 characters in length. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-65-000017 - The vCenter Server for Windows must not override port group settings at the port level on distributed switches. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-65-000039 - The vCenter Server for Windows passwords must be at least 15 characters in length. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VMCH-65-000002 - Drag and drop operations must be disabled on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000004 - Paste operations must be disabled on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000009 - The unexposed feature keyword isolation.tools.ghi.autologon.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000021 - The unexposed feature keyword isolation.tools.unity.push.update.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000033 - Console connection sharing must be limited on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000036 - Informational messages from the virtual machine to the VMX file must be limited on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000007 - HGFS file transfers must be disabled on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| vNetwork : restrict-netflow-usage | VMWare vSphere 6.5 Hardening Guide | VMware | |
| WA00620 A22 - The LogLevel directive must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WatchGuard : Authentication Settings - 'Authentication User Timeout' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
| WatchGuard : SNMP Configuration - Version = '3' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Web pages and Excel 2003 XML spreadsheets | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Web pages and Excel 2003 XML spreadsheets | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
