| 1.2.14 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.11.1 L2 Master Node | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.16 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.3.4 Ensure that the --root-ca-file argument is set as appropriate | CIS Red Hat OpenShift Container Platform v1.8.0 L1 OpenShift | OpenShift | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.17 (L1) Ensure 'Proxy settings' is set to 'Enabled' and does not contain 'ProxyMode': 'auto_detect' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.65 (L1) Ensure 'Proxy settings' is set to 'Enabled' and does not contain 'ProxyMode': 'auto_detect' | CIS Google Chrome Group Policy v1.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.11 Ensure 'Dynamic IP Address Restrictions' is enabled - Deny By Concurrent Requests | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.11 Ensure 'Dynamic IP Address Restrictions' is enabled - maxConcurrentRequests | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.1 Ensure allow and deny filters limit access to specific IP addresses | CIS NGINX Benchmark v2.1.0 L2 Proxy | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.1 Ensure allow and deny filters limit access to specific IP addresses | CIS NGINX Benchmark v2.1.0 L2 Loadbalancer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.1 Ensure allow and deny filters limit access to specific IP addresses | CIS NGINX Benchmark v2.1.0 L2 Webserver | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.3 Ensure 'identityAssertionEnabled' is set to 'true' within the CSIv2 Attribute Layer | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.2 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Ensure 'identityAssertionTypes' is specified to the correct identity tokens in CSIv2 Attribute Layer - review/Zech | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host IPC namespace | CIS Red Hat OpenShift Container Platform v1.8.0 L1 OpenShift | OpenShift | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.11.1 L1 Master Node | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure the 'hostNameExcludeList' attribute is set to a whitelist of host names | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure SSLv2 is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure the 'hostNameIncludeList attribute' is set to a whitelist of host names | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure the 'addressExcludeList' attribute is set to a whitelist of hostnames | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure the 'addressIncludeList' attribute is set to a whitelist of IP addresses | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure TLS 1.1 is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1 Ensure the TimeOut Is Set to 10 or Less | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2 Configure 'Disable changing Automatic Configuration settings' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3 Configure 'Disable changing connection settings' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.4 Configure 'Disable changing proxy settings' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.5 Configure 'Make proxy settings per-machine (rather than per-user)' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.5 Configure 'Make proxy settings per-machine (rather than per-user)' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.7 Set 'Prevent changing proxy settings' to 'Enabled' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.8 Configure 'Disable changing Automatic Configuration settings' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.11 Configure 'Disable changing connection settings' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
