| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate | CIS Kubernetes v1.10.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.10.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the kubelet uses certificates to authenticate | CIS Red Hat OpenShift Container Platform v1.7.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.10.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.14 Ensure that the admission control plugin SecurityContextConstraint is set | CIS Red Hat OpenShift Container Platform v1.7.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Red Hat OpenShift Container Platform v1.7.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.15 Ensure that the admission control plugin PodSecurityPolicy is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.16 Ensure that the --insecure-bind-address argument is not set | CIS Red Hat OpenShift Container Platform v1.7.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 2.1.1.1.3 Set 'modulus' to greater than or equal to 2048 for 'crypto key generate rsa' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND SERVICES ACQUISITION |
| 2.3.27.12 (L1) Ensure 'Encryption mode for Information Rights Management (IRM)' is set to 'Enabled: Cipher Block Chaining (CBC)' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.3.27.12 Ensure 'Encryption mode for Information Rights Management (IRM)' is set to 'Enabled: Cipher Block Chaining (CBC)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.2.1 Ensure 'Authentication with Exchange server' is set to 'Enabled: Kerberos Password Authentication' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.5.14.3.9 (L1) Ensure 'Authentication with Exchange server' is set to 'Enabled: Kerberos Password Authentication' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.7 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.7 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.10 Ensure Only Approved Ciphers are Used | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.10 Ensure Only Approved Ciphers are Used | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 8.0 Community Database L2 v1.1.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure Only Approved Ciphers are Used | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure Only Approved Ciphers are Used | CIS MariaDB 10.6 on Linux L2 v1.1.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure Only Approved Ciphers are Used - ssl_cipher | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure Only Approved Ciphers are Used - tls_ciphersuites | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure Only Approved Ciphers are Used | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure Only Approved Ciphers are Used | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure Only Approved Ciphers are Used | CIS MySQL 8.0 Community Database L2 v1.1.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure Only Approved Ciphers are Used | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 5.1.2 Ensure 'establishTrustInClient' is set to 'required' within the CSIv2 Authentication Layer | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 5.2.2 Ensure 'establishTrustInClient' is 'Required' for the CSIv2 Authentication Layer - needsReview/Zech | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 8.2.2 Do Not Use Encryption Algorithms that are Not Secure | CIS IBM DB2 11 v1.1.0 Database Level 2 | IBM_DB2DB | SYSTEM AND SERVICES ACQUISITION |
| 9.4 Ensure only approved ciphers are used for Replication | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 9.4 Ensure only approved ciphers are used for Replication | CIS MariaDB 10.6 on Linux L2 v1.1.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
