| 2.2.22 Ensure 'Deny access to this computer from the network' to include 'Guests, Enterprise Admins Group, Domains Admins Group, Local account, and member of Administrators group' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.23 Ensure 'Deny access to this computer from the network' to include 'Guests, Enterprise Admins Group, Domains Admins Group, Local account, and member of Administrators group' (STIG MS only) | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.23 Ensure 'Deny access to this computer from the network' to include 'Guests, Enterprise Admins Group, Domains Admins Group, Local account, and member of Administrators group' (STIG MS only) | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.40 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost' - Administrators, NT SERVICE\WdiServiceHost | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.2.40 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost' - Administrators, NT SERVICE\WdiServiceHost | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.8.3 Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.53.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.8.53.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.50.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only) | CIS Windows Server 2012 MS L2 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.50.1.2 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only) | CIS Windows Server 2012 R2 MS L2 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.50.1.3 (L2) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only) | CIS Microsoft Windows Server 2019 STIG v2.0.0 L2 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.51.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only) | CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.51.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only) | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.51.1.2 (L1) Ensure 'Enable Windows NTP Server' is set to 'Disabled' (MS only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.28 Ensure 'Fax Server role' is set to 'Not Installed' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.40 Ensure 'Only Administrators have Administrator rights on the system' (STIG MS only) | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 20.40 Ensure 'Only Administrators have Administrator rights on the system' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 20.40 Ensure 'Only Administrators have Administrator rights on the system' (STIG MS only) | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | ACCESS CONTROL |
| 20.56 Ensure 'Server Message Block (SMB) v1 protocol must not be installed' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.56 Ensure 'Server Message Block (SMB) v1 protocol must not be installed' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.57 Ensure 'Server Message Block (SMB) v1 protocol must not be installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.57 Ensure 'Server Message Block (SMB) v1 protocol must not be installed' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.57 Ensure 'Server Message Block (SMB) v1 protocol must not be installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.57 Ensure 'Server Message Block (SMB) v1 protocol must not be installed' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| Configure SMB v1 server | MSCT Windows Server v1909 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure SMB v1 server | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure SMB v1 server | MSCT Windows 10 v20H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure SMB v1 server | MSCT Windows 10 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure SMB v1 server | MSCT Windows Server v20H2 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure SMB v1 server | MSCT Windows Server v20H2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DISA_STIG_McAfee_VirusScan_8.8_Managed_Client_v6r1.audit from DISA McAfee VirusScan 8.8 Managed Client Security Technical implementation Guide v6r1 STIG | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | |
| DISA_STIG_Microsoft_Office_Access_2016_v1r1.audit for Microsoft Office Access 2016, from DISA STIG Microsoft Office Access 2016 v1r1 | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Management_Interface_(VAMI)_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_User_Interface_(UI)_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | |
| EX19-ED-000122 - Active hyperlinks in messages from non .mil domains must be rendered unclickable. | DISA Microsoft Exchange 2019 Edge Server STIG v2r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000238 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2019 Edge Server STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client. | DISA Windows 10 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - LanManWorkstation | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - LanManWorkstation | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - mrxsmb10 | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - mrxsmb10 | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-AD-000009-DC - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - Services | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000150 - WDigest Authentication must be disabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000150 - WDigest Authentication must be disabled. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-00-000412 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client. | DISA Windows Server 2016 STIG v2r9 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000400 - Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client. | DISA Windows Server 2022 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
