| 1.1.3.11.12 Set 'Network Security: Allow PKU2U authentication requeststo this computer to use online identities' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2.3.2.4 Set 'Do not enumerate connected users on domain-joined computers' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.2.3.2.6 Set 'Enumerate local users on domain-joined computers' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.4 Ensure that the underlying Internet Information Services (IIS) Authentication module is set to use Kerberos as its Auth Provider | CIS Microsoft SharePoint 2016 OS v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4 Ensure that the underlying Internet Information Services (IIS) Authentication module is set to use Kerberos as its Authentication Provider | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.11.3 Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.2 Ensure claims-based authentication is used for all web applications and zones of a SharePoint 2016 farm | CIS Microsoft SharePoint 2016 OS v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.2 Ensure claims-based authentication is used for all web applications and zones of a SharePoint 2019 farm | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure Windows Authentication uses Kerberos and not the NT Lan Manager (NTLM) authentication protocol | CIS Microsoft SharePoint 2016 OS v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Ensure Windows Authentication uses Kerberos and not the NT Lan Manager (NTLM) authentication protocol | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.2 Ensure no legacy '+' entries exist in /etc/passwd | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.3 Ensure no legacy '+' entries exist in /etc/shadow | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.4 Ensure no legacy '+' entries exist in /etc/group | CIS Amazon Linux v2.1.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.20 Ensure shadow group is empty | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 6.2.20 Ensure shadow group is empty | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | ACCESS CONTROL |
| 18.2.3 Ensure 'Enable Local Admin Password Management' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| Allow Microsoft accounts to be optional | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Allow Microsoft accounts to be optional | MSCT Windows 10 1803 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Allow Microsoft accounts to be optional | MSCT Windows 10 v1507 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Allow Microsoft accounts to be optional | MSCT Windows 10 1903 v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Allow Microsoft accounts to be optional | MSCT Windows 10 v20H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Allow Microsoft accounts to be optional | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Enable local admin password management | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows Server v1909 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Ensure no legacy '+' entries exist in /etc/group | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Ensure no legacy '+' entries exist in /etc/passwd | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Ensure no legacy '+' entries exist in /etc/shadow | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Enumerate local users on domain-joined computers | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows Server v1909 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Network security: Allow PKU2U authentication requests to this computer to use online identities. | MSCT Windows 10 1803 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
