| 1.12 Ensure credentials unused for 45 days or greater are disabled | CIS Amazon Web Services Foundations L1 1.5.0 | amazon_aws | ACCESS CONTROL |
| 4.1.5 Ensure that default service accounts are not actively used. | CIS Google Kubernetes Engine (GKE) v1.3.0 L1 | GCP | ACCESS CONTROL |
| 4.2.4 maxexpired | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL |
| 4.12 Lock historical users | CIS IBM AIX 7.2 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.1.5 Ensure that default service accounts are not actively used. | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL |
| 5.1.5 Ensure that default service accounts are not actively used. | CIS RedHat OpenShift Container Platform 4 v1.3.0 L1 | OpenShift | ACCESS CONTROL |
| 5.1.5 Ensure that default service accounts are not actively used. | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | ACCESS CONTROL |
| 5.1.5 Ensure that default service accounts are not actively used. | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL |
| 5.2.7 Ensure Password Age Is Configured | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure Password Age Is Configured | CIS Apple macOS 11.0 Big Sur v3.0.0 L1 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure Password Age Is Configured | CIS Apple macOS 12.0 Monterey v2.0.0 L1 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure Password Age Is Configured | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure Password Age Is Configured | CIS Apple macOS 13.0 Ventura v1.0.0 L1 | Unix | ACCESS CONTROL |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | ACCESS CONTROL |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - users | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | ACCESS CONTROL |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - users | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - users | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL |
| 5.4.1.4 Ensure inactive password lock is 30 days or less - users | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - /etc/default/useradd | CIS Oracle Linux 7 Server L1 v3.1.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - /etc/default/useradd | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - /etc/default/useradd | CIS CentOS 7 v3.1.2 Server L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS CentOS 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS Red Hat 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - useradd | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - users | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - users | CIS CentOS 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - users | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - users | CIS Red Hat 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - users | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - users | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - users | CIS Red Hat EL7 Workstation L1 v3.1.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.5.1.4 Ensure inactive password lock is 30 days or less - users | CIS CentOS 7 v3.1.2 Server L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 7.5 Lock Inactive User Accounts - INACTIVE=35 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 7.6 Lock Inactive User Accounts | CIS Oracle Solaris 11.4 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 9.2.3 Verify No Legacy '+' Entries Exist in /etc/shadow File - + Entries Exist in /etc/shadow File | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 9.2.4 Verify No Legacy '+' Entries Exist in /etc/group File - + Entries Exist in /etc/group File | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 17.1.1 (L1) Ensure 'Audit Credential Validation' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 20.44 Ensure 'Outdated or unused accounts are removed or disabled' | CIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1 | Windows | ACCESS CONTROL |
| 20.44 Ensure 'Outdated or unused accounts are removed or disabled' | CIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1 | Windows | ACCESS CONTROL |
| 20.45 Ensure 'Outdated or unused accounts are removed or disabled' | CIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0 | Windows | ACCESS CONTROL |
| 20.45 Ensure 'Outdated or unused accounts are removed or disabled' | CIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0 | Windows | ACCESS CONTROL |
