| 1.17 Ensure CloudFront to Origin connection is configured using TLS1.1+ as the SSL\TLS protocol | CIS Amazon Web Services Three-tier Web Architecture L2 1.0.0 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.1 (L1) Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.2 Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.2 Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.2 Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.7 Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.7 Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v2.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.7 Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.7 Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.7 Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.8.7 Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v2.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY |
| 18.8.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.3.1 (L1) Ensure 'Include command line in process creation events' is set to 'Enabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| WDigest Authentication | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server v2004 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server v2004 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server 2019 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 11 v24H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 11 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server v20H2 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 10 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 10 v21H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server 1903 DC v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) | MSCT Windows Server 2022 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) - UseLogonCredential | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDigest Authentication (disabling may require KB2871997) - UseLogonCredential | MSCT Windows Server 2025 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WDNS-SI-000001 - The Windows 2012 DNS Server must be configured to only allow zone information that reflects the environment for which it is authoritative, to include IP ranges and IP versions. | DISA Microsoft Windows 2012 Server Domain Name System STIG v2r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN12-AU-000011-DC - Windows Server 2012/2012 R2 domain controllers must be configured to audit Account Management - Computer Account Management successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
