| 1.1.7 Ensure separate partition exists for /var/tmp | CIS Amazon Linux v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.10 (L1) Ensure 'Default geolocation setting' is set to 'Enabled: Don't allow any site to track users' physical location' | CIS Microsoft Intune for Edge v1.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.5.1 Ensure core file size is configured | CIS Oracle Linux 8 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1 Ensure core file size is configured | CIS Oracle Linux 8 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1 Ensure core file size is configured | CIS AlmaLinux OS 8 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1 Ensure core file size is configured | CIS AlmaLinux OS 8 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.5.3 Ensure core dump backtraces are disabled | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.9 Ensure systemd-coredump ProcessSizeMax is configured | CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.9 Ensure systemd-coredump ProcessSizeMax is configured | CIS Rocky Linux 8 v3.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.9 Ensure systemd-coredump ProcessSizeMax is configured | CIS Oracle Linux 8 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.5.9 Ensure systemd-coredump ProcessSizeMax is configured | CIS AlmaLinux OS 10 v1.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.5.10 Ensure systemd-coredump Storage is configured | CIS Red Hat Enterprise Linux 10 v1.0.1 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.5.10 Ensure systemd-coredump Storage is configured | CIS Oracle Linux 8 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.10 Ensure systemd-coredump Storage is configured | CIS AlmaLinux OS 8 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.84 (L1) Ensure 'Disable synchronization of data using Microsoft sync services' is set to 'Enabled' | CIS Microsoft Intune for Edge v1.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.102 (L1) Ensure 'Enable security warnings for command-line flags' is set to 'Enabled' | CIS Microsoft Intune for Edge v1.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.5.2 Ensure 'Domain controller: Allow vulnerable Netlogon secure channel connections' is set to 'Not Configured' (DC Only) | CIS Microsoft Windows Server 2025 v2.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.3.7.1 Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.13 Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Microsoft Windows Server 2025 v2.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.1 Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.2 (L1) Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 2.4.2 Disable Internet Sharing | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.16.1 Audit Wallet & Apple Pay Settings | CIS Apple macOS 15.0 Sequoia v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.2 clean_partial_conns | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.2 Enable 'Show Wi-Fi status in menu bar' - Show Wi-Fi status in menu bar | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.8 Ensure Billing Alerts are enabled for increments of X spend | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | CONFIGURATION MANAGEMENT |
| 4.10 Verify iPhone Mirroring Settings | MobileIron - CIS Apple iOS 18 v2.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.10 Verify iPhone Mirroring Settings | MobileIron - CIS Apple iOS 26 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 4.10 Verify iPhone Mirroring Settings | MobileIron - CIS Apple iOS 26 v1.0.0 L1 Institution Owned | MDM | CONFIGURATION MANAGEMENT |
| 5.1.1 Secure Home Folders | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.10 Require an administrator password to access system-wide preferences | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Turn on filename extensions | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 10.1 Ensure Web content directory is on a separate partition from the Tomcat system files (verify Web content directory) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 10.20 Use the logEffectiveWebXml and metadata-complete settings for deploying applications in production - web.xml | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 18.1.1.2 Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows Server 2022 v5.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.4 Ensure 'Configure RPC connection settings: Use authentication for outgoing RPC connections' is set to 'Enabled: Default' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.5 Ensure 'Configure RPC listener settings: Protocols to allow for incoming RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.5 Ensure 'Configure RPC listener settings: Protocols to allow for incoming RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows Server 2025 v2.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.7 Ensure 'Configure RPC over TCP port' is set to 'Enabled: 0' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.8 Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.8 Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.8 Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.8.28.1 (L1) Ensure 'Block user from showing account details on sign-in' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.28.1 Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| Enhanced secure mode | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | CONFIGURATION MANAGEMENT |
| MS.EXO.5.1v1 - SMTP AUTH SHALL be disabled. | CISA SCuBA Microsoft 365 Exchange Online v1.5.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
| MS.POWERPLATFORM.1.2v1 - The ability to create trial environments SHALL be restricted to admins. | CISA SCuBA Microsoft 365 Power Platform v1.5.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
