| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes Benchmark v1.8.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - certificate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.4 Ensure that the --kubelet-client-certificate and --kubelet-client-key arguments are set as appropriate - key | CIS Kubernetes Benchmark v1.8.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate | CIS Kubernetes Benchmark v1.8.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the kubelet uses certificates to authenticate - ConfigMaps | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.5 Ensure that the kubelet uses certificates to authenticate - Secrets | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.6 Verify that the kubelet certificate authority is set as appropriate | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes Benchmark v1.8.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used | CIS Kubernetes Benchmark v1.8.0 L2 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.14 Ensure that the admission control plugin SecurityContextConstraint is set | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.15 Ensure that the admission control plugin PodSecurityPolicy is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2.16 Ensure that the --insecure-bind-address argument is not set - feature-gates | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.16 Ensure that the --insecure-bind-address argument is not set - openshift-apiserver | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.16 Ensure that the --insecure-bind-address argument is not set - openshift-kube-apiserver | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 1.2.17 Ensure that the --insecure-port argument is set to 0 | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND SERVICES ACQUISITION |
| 2.3.27.12 Ensure 'Encryption mode for Information Rights Management (IRM)' is set to 'Enabled: Cipher Block Chaining (CBC)' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.2.1 Ensure 'Authentication with Exchange server' is set to 'Enabled: Kerberos Password Authentication' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.7 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.7 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.10 Ensure Only Approved Ciphers are Used | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.10 Ensure Only Approved Ciphers are Used | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 8.0 Enterprise Database L2 v1.3.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure AES Encryption Mode for AES_ENCRYPT/AES_DECRYPT is Configured Correctly | CIS MySQL 8.0 Community Database L2 v1.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure Only Approved Ciphers are Used | CIS MariaDB 10.6 Database L2 v1.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.12 Ensure Only Approved Ciphers are Used | CIS MariaDB 10.6 on Linux L2 v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure Only Approved Ciphers are Used - ssl_cipher | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure Only Approved Ciphers are Used - ssl_cipher | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure Only Approved Ciphers are Used - tls_ciphersuites | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure Only Approved Ciphers are Used | CIS MySQL 8.0 Enterprise Database L2 v1.3.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure Only Approved Ciphers are Used | CIS MySQL 8.0 Community Database L2 v1.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 8.2.2 Do Not Use Encryption Algorithms that are Not Secure | CIS IBM DB2 11 v1.1.0 Database Level 2 | IBM_DB2DB | SYSTEM AND SERVICES ACQUISITION |
| 9.4 Ensure only approved ciphers are used for Replication | CIS MariaDB 10.6 Database L2 v1.0.0 | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 9.4 Ensure only approved ciphers are used for Replication | CIS MariaDB 10.6 on Linux L2 v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
