| 1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - /etc/modprobe.d/CIS.conf | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.4 Ensure mounting of hfs filesystems is disabled - lsmod | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.4 Ensure nosuid option set on /tmp partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 1.1.9 Ensure nosuid option set on /var/tmp partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 1.1.16 Ensure nosuid option set on /dev/shm partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 1.1.17 Ensure noexec option set on /dev/shm partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 1.2.1 Ensure package manager repositories are configured | CIS Amazon Linux v2.1.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.4.2.2.24 Configure 'Configure TPM platform validation profile for native UEFI firmware configurations' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.2.2.26 Configure 'Disallow standard users from changing the PIN or password' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2.4.2.3.6 Set 'Use BitLocker software-based encryption when hardware encryption is not available' to 'True' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.3.8 Set 'Restrict encryption algorithms and cipher suites allowed for hardware-based encryption' to 'False' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.3.17 Set 'Deny write access to removable drives not protected by BitLocker' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4.2.6 Configure 'Prevent memory overwrite on restart' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.2.9 Set 'Allow Standby States (S1-S3) When Sleeping (On Battery)' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.3.2 Configure 'Do not display the password reveal button' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.4.3 Set 'System: Control Event Log behavior when the log file reaches its maximum size' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.2.4.4.4 Set 'Security: Control Event Log behavior when the log file reaches its maximum size' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.2.4.4.6 Set 'System: Maximum Log Size (KB)' to 'Enabled:20480 or greater' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.2.4.5.5 Set 'Do not allow passwords to be saved' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2.4.6.1 Set 'Disallow Digest authentication' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.2.4.6.3 Set 'Allow Basic authentication' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.2.4.7.5 Set 'Configure Automatic Updates' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.4.8 Configure 'Allow the use of biometrics' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.5 Ensure 'unique application pools' is set for sites | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6 Ensure 'application pool identity' is configured for anonymous user identity | CIS IIS 7 L1 v1.8.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.7.1.1 Ensure message of the day is configured properly - banner text | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 1.7.1.3 Ensure remote login warning banner is configured properly - banner text | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 2.1 Ensure 'global authorization rule' is set to restrict access | CIS IIS 7 L1 v1.8.0 | Windows | ACCESS CONTROL |
| 2.1.2 Ensure daytime services are not enabled - daytime-stream | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.5 Ensure time services are not enabled - time-stream | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Configure 'Remove CD Burning features' | CIS Windows 8 L1 v1.0.0 | Windows | MEDIA PROTECTION |
| 2.8 Set 'Password protect the screen saver' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 2.12 Configure 'Prevent changing screen saver' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 3.1 Ensure 'deployment method retail' is set | CIS IIS 7 L1 v1.8.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.3 Ensure Custom Error Messages are not Off - Default | CIS IIS 7 L2 v1.8.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - Applications | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.5 Ensure ASP.NET stack tracing is not enabled - Applications | CIS IIS 7 L2 v1.8.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.6 Ensure 'httpcookie' mode is configured for session state - Applications | CIS IIS 7 L2 v1.8.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.10 Ensure global .NET trust level is configured - Applications | CIS IIS 7 L1 v1.8.0 | Windows | ACCESS CONTROL |
| 3.10 Ensure global .NET trust level is configured - Default | CIS IIS 7 L1 v1.8.0 | Windows | ACCESS CONTROL |
| 4.2 Ensure 'maxURL request filter' is configured - Applications | CIS IIS 7 L2 v1.8.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.10 Ensure 'notListedCgisAllowed' is set to false | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Ensure Default IIS web log location is moved | CIS IIS 7 L1 v1.8.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure FTP requests are encrypted - Data Channel Default | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure TLS 1.0 is enabled | CIS IIS 7 L1 v1.8.0 | Windows | |
| 7.9 Ensure RC2 Cipher Suites is disabled - RC2 56/128 | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure RC4 Cipher Suites is disabled - RC4 56/128 | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure RC4 Cipher Suites is disabled - RC4 128/128 | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.12 Ensure AES 128/128 Cipher Suite is configured | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.13 Ensure AES 256/256 Cipher Suite is enabled - Enabled | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
