| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.15 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes Benchmark v1.8.0 L2 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.16 Ensure that the admission control plugin NodeRestriction is set | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.3.4 Ensure that the --root-ca-file argument is set as appropriate | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.20 Ensure that Microsoft Defender for Cloud Apps integration with Microsoft Defender for Cloud is Selected | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.17 Ensure 'Proxy settings' is set to 'Enabled' and does not contain 'ProxyMode': 'auto_detect' | CIS Google Chrome L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4.1 Block high risk categories on Application Control | CIS Fortigate 7.0.x Level 1 v1.2.0 | FortiGate | ACCESS CONTROL, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.11 Ensure 'Dynamic IP Address Restrictions' is enabled - Deny By Concurrent Requests | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.11 Ensure 'Dynamic IP Address Restrictions' is enabled - maxConcurrentRequests | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.1 Ensure allow and deny filters limit access to specific IP addresses | CIS NGINX Benchmark v2.0.1 L2 Loadbalancer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.1 Ensure allow and deny filters limit access to specific IP addresses | CIS NGINX Benchmark v2.0.1 L2 Webserver | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.1 Ensure allow and deny filters limit access to specific IP addresses | CIS NGINX Benchmark v2.0.1 L2 Proxy | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.2 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host IPC namespace | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1 | OpenShift | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes Benchmark v1.8.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.3 Minimize the admission of containers wishing to share the host process ID namespace | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.17 Ensure HTTP Header Referrer-Policy is set appropriately | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.17 Ensure HTTP Header Referrer-Policy is set appropriately | CIS Apache HTTP Server 2.4 L2 v2.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.18 Ensure HTTP Header Permissions-Policy is set appropriately | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 5.18 Ensure HTTP Header Permissions-Policy is set appropriately | CIS Apache HTTP Server 2.4 L2 v2.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 7.2 Ensure SSLv2 is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure TLS 1.1 is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1 Ensure the TimeOut Is Set to 10 or Less | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1 Ensure the TimeOut Is Set to 10 or Less | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2 Configure 'Disable changing Automatic Configuration settings' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3 Configure 'Disable changing connection settings' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.4 Configure 'Disable changing proxy settings' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.5 Configure 'Make proxy settings per-machine (rather than per-user)' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.5 Configure 'Make proxy settings per-machine (rather than per-user)' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.7 Set 'Prevent changing proxy settings' to 'Enabled' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.7 Set 'Prevent changing proxy settings' to 'Enabled' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.8 Configure 'Disable changing Automatic Configuration settings' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.8 Configure 'Disable changing Automatic Configuration settings' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.11 Configure 'Disable changing connection settings' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.11 Configure 'Disable changing connection settings' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.6 Enable strict servlet Compliance | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.56.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.56.3.9.2 (L1) Ensure 'Require secure RPC communication' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI305 - Automatic configuration of Internet Explorer must be disallowed. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
