| 1.1.4.1.6 Ensure 'Local Machine Zone Lockdown Security' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.7 Ensure separate partition exists for /var/tmp | CIS Amazon Linux v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 1.5 Configure DB2 to use non-standard ports - Port 523 | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.7 Ensure DNS is servers are configured - empty resolv | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 1.21.1 (L1) Ensure 'Specifies whether to allow websites to make requests to more-private network endpoints' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.59 (L1) Ensure 'Clear browsing data when Microsoft Edge closes' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.69 (L1) Ensure 'Configure the list of types that are excluded from synchronization' is set to 'Enabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.108 (L2) Ensure 'Enforce Bing SafeSearch' is set to 'Enabled: Configure moderate search restrictions in Bing' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 1.118 (L1) Ensure 'Restrict exposure of local IP address by WebRTC' is set to 'Enabled: Allow public interface over http default route. This doesn't expose the local IP address' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.1.1.1.1 Set the 'hostname' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.1.1.3.2.1.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.5.1.1 Ensure 'Internet and network paths as hyperlinks' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.31 Ensure noexec option is configured for NFS. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.8.1 Ensure 'Document Information Panel Beaconing UI' is set to 'Enabled: Always show UI' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.7.1 Ensure 'Disable user entries to server list' is set to 'Enabled: Publish default, disallow others' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.14.2.1.1 Ensure 'Attachment Secure Temporary Folder' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.3.1 Ensure 'Allow Trusted Locations on the network' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.9 Ensure 'Trust access to Visual Basic Project' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.3 Ensure 'Make hidden markup visible' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.3 Verify that docker.socket file ownership is set to root:root | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Verify that docker.socket file ownership is set to root:root | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Verify that docker.socket file ownership is set to root:root | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.4 Verify that docker.socket file permissions are set to 644 or more restrictive | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.6.1.13 Ignore user-provided environment variables | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.7 Verify that registry certificate file ownership is set to root:root | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.7 Verify that registry certificate file ownership is set to root:root | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.8 Set 'Enable OOF messages to remote domains' to 'None' | CIS Microsoft Exchange Server 2013 Hub v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.9 Verify that TLS CA certificate file ownership is set to root:root | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.10 Verify that TLS CA certificate file permissions are set to 444 or more restrictive | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.17 Verify that daemon.json file ownership is set to root:root | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.17 Verify that daemon.json file ownership is set to root:root | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.19 Verify that /etc/default/docker file ownership is set to root:root | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.1.13 Ensure a Secure Connect Procedure is Used (CONNECT_PROC) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 4.2 Enable 'Show Wi-Fi status in menu bar' - Show Wi-Fi status in menu bar | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.13 Ensure that a limit is set on pod PIDs | CIS Kubernetes v1.10.0 L1 Worker | Unix | CONFIGURATION MANAGEMENT |
| 5.1 Use secure Realms | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.27 Ensure SSH does not permit GSSAPI | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 5.4.1 Prefer using secrets as files over secrets as environment variables | CIS Kubernetes v1.10.0 L2 Master | Unix | CONFIGURATION MANAGEMENT |
| 5.4.2 Consider external secret storage | CIS Kubernetes v1.10.0 L2 Master | Unix | CONFIGURATION MANAGEMENT |
| 5.7 Do not map privileged ports within containers | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.26 Check container health at runtime | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 6.2.21 Ensure that all files and directories contained in local interactive user home directories are owned by the user | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.26 Ensure local interactive users' 'dot' files executable paths resolve to the users home directory. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.29 Ensure users' files and directories within the home directory permissions are 750 or more restrictive | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 8.2.2 Ensure the rsyslog Service is activated - run level 4 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.2.2 Ensure the rsyslog Service is activated - run level 5 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.2.10 Turn Off ALLOW_KEY_INSERT_WITHOUT_KEYSTORE_BACKUP | CIS IBM DB2 11 v1.1.0 Database Level 2 | IBM_DB2DB | CONFIGURATION MANAGEMENT |
| 9.1.1 Enable cron Daemon - cron run level 5 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.7 Turn off session facade recycling | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
