| 1.11 (L2) Host hardware must secure unused external hardware ports | CIS VMware ESXi 8.0 v1.1.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.16 (L1) Host must configure a session timeout for the API | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.17 (L1) Host must automatically terminate idle host client sessions | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 (L1) Virtual machines must be configured to lock when the last console connection is closed | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.5 Ensure mutual TLS is enabled | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| 10.5 Rename the manager application | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 10.5 Rename the manager application | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 11.2 Ensure Apache Processes Run in the httpd_t Confined Context | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
