| 1.1 Remove extraneous files and directories (SERVER_DIR/webapps/host-manager.xml) | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories (SERVER_DIR/webapps/manager) | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories (WEBAPP_DIR/examples) | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories (WEBAPP_DIR/examples) | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories (WEBAPP_DIR/webdav) | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.1 Ensure mounting of cramfs filesystems is disabled - lsmod | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.2.3 Set 'no exec' for 'line aux 0' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - Running Processes | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.4 Remove all non-essential services from the host - Running Processes | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.6.1.5 Ensure the MCS Translation Service (mcstrans) is not installed | CIS Amazon Linux v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.1 Turn off Bluetooth, if no paired devices exist | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.1 Turn off Bluetooth, if no paired devices exist | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.8 Disable File Sharing - smb | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.5.8 Disable sending diagnostic and usage data to Apple | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.7.2 Audit iPhone Mirroring | CIS Apple macOS 15.0 Sequoia v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.13 Disable operations on legacy registry (v1) | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 2.14.1 Audit Game Center Settings | CIS Apple macOS 14.0 Sonoma v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.25 Disable Automounting | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1.27 Ensure 'Allow password sharing (supervised only)' is set to 'Disabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.5.5 Removal of .rhosts and .netrc files - .rhosts | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.9 Ensure sshd GSSAPIAuthentication is disabled | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 4.2.10 Ensure SSH PermitUserEnvironment is disabled | CIS Debian Linux 10 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 4.2.10 Ensure SSH PermitUserEnvironment is disabled | CIS Debian Linux 10 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 4.2.21 Ensure sshd PermitUserEnvironment is disabled | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 4.4 Ensure http server is not running | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.8 Ensure xinetd is not enabled | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.5 Do not mount sensitive host system directories on containers | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.6 Do not run ssh within containers | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.13 Bind incoming container traffic to a specific host interface | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.19 Do not set mount propagation mode to shared | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 6.3 Ensure print server is not enabled | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.7 Ensure NFS and RPC are not enabled - nfs-kernel-server | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.13 Ensure HTTP Proxy Server is not enabled | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.14 Apple File System (APFS) | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.2.1 (L2) Ensure external domains are restricted in the Teams admin center | CIS Microsoft 365 Foundations v6.0.1 L2 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 9.3 Disable deploy on startup of applications | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 9.3.1 Set SSH Protocol to 2 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 10.5 Rename the manager application (host-manager/manager.xml) | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.5 Rename the manager application (webapps/manager) | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.16 Do not allow cross context requests | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 18.6.4.1 Ensure 'Configure multicast DNS (mDNS) protocol' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.14.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.14.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.3.1 Ensure 'Turn off API Sampling' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.3.4 (L2) Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled' | CIS Windows Server 2012 R2 DC L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.3.6 Ensure 'Do not allow supported Plug and Play device redirection' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v2.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 19.7.8.2 Ensure 'Do not suggest third-party content in Windows spotlight' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 19.7.8.2 Ensure 'Do not suggest third-party content in Windows spotlight' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v5.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 19.7.8.2 Ensure 'Do not suggest third-party content in Windows spotlight' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v2.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| TFTP vs SFTP and SCP - no tftp server | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | CONFIGURATION MANAGEMENT |
