| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 6 v1.2.0 L2 MongoDB | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 7 v1.2.0 L2 Windows | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 8 v1.0.0 L2 Windows | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 4 L2 OS Windows v1.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 6 v1.2.0 L2 MongoDB | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 7 v1.2.0 L2 Unix | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 8 v1.0.0 L2 Unix | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1.4 Ensure only modern TLS protocols are used | CIS NGINX v3.0.0 L1 Proxy | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.4 Ensure only modern TLS protocols are used | CIS NGINX v3.0.0 L1 Loadbalancer | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.4 Ensure only modern TLS protocols are used | CIS NGINX v3.0.0 L1 Webserver | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Ensure Encryption of Data at Rest | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Ensure Encryption of Data at Rest | CIS MongoDB 3.6 L2 Unix Audit v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure Encryption of Data at Rest | CIS MongoDB 4 L2 OS Windows v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure Encryption of Data at Rest | CIS MongoDB 6 v1.2.0 L2 MongoDB | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure Encryption of Data at Rest | CIS MongoDB 8 v1.0.0 L2 Windows | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure Encryption of Data at Rest | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure Encryption of Data at Rest | CIS MongoDB 7 v1.2.0 L2 Windows | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.8 Ensure sshd DisableForwarding is enabled | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 5.2.13 Ensure SSH AllowTcpForwarding is disabled | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.2.13 Ensure SSH AllowTcpForwarding is disabled | CIS Fedora 28 Family Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 7.4 Ensure Network Encryption is Configured and Enabled | CIS Microsoft SQL Server 2022 v1.2.1 L2 Database Engine | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure Network Encryption is Configured and Enabled | CIS Microsoft SQL Server 2019 v1.5.2 L2 Database Engine | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure Network Encryption is Configured and Enabled | CIS SQL Server 2017 Database L2 DB v1.3.0 | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure Network Encryption is Configured and Enabled | CIS SQL Server 2016 Database L2 DB v1.4.0 | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server 2025 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server v2004 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server 2019 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server v2004 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows 11 v25H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server v20H2 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows 10 v22H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server 2025 MS v2506 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server 2025 DC v2506 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server 2022 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disable new DMA devices when this computer is locked | MSCT Windows 10 1909 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable new DMA devices when this computer is locked | MSCT Windows 10 v2004 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Disable new DMA devices when this computer is locked | MSCT Windows 10 v20H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
