| 1.5.1 Set 'no snmp-server' to disable SNMP when unused | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.2 Unset 'private' for 'snmp-server community' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.1 Create a single 'interface loopback' | CIS Cisco IOS XE 16.x v2.1.0 L2 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 3.1.2 Set 'no ip proxy-arp' | CIS Cisco IOS XE 17.x v2.1.0 L2 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 3.1.3 Set 'no interface tunnel' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.1 Ensure DCCP is disabled - lsmod | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5 Ensure that Cassandra only listens for network connections on authorized interfaces | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.2 Ensure SCTP is disabled - lsmod | CIS Debian Family Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.2 Ensure SCTP is disabled - lsmod | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.4 Ensure TIPC is disabled - lsmod | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.10.28.5.1 (L1) Ensure 'Allow network connectivity during connected-standby (on battery)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6 Ensure SSH X11 forwarding is disabled | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.20 Ensure SSH AllowTcpForwarding is disabled | CIS Debian Family Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.4 Ensure 'HomeGroup Listener (HomeGroupListener)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.20 Ensure 'Remote Procedure Call (RPC) Locator (RpcLocator)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.22 Ensure 'Routing and Remote Access (RemoteAccess)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.28 Ensure 'UPnP Device Host (upnphost)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.29 Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.32 Ensure 'Windows Media Player Network Sharing Service (WMPNetworkSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 6.11.3 Ensure Console Port is Set to Disabled | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| 6.21 Ensure ICMP Redirects are Disabled for IPv4 | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| 10.4 Ensure Only the Necessary SELinux Booleans are Enabled | CIS BIND DNS v1.0.0 L2 Caching Only Name Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 18.3.4 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.3.4 Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)' - Enabled: P-node (recommended) | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.4.10 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions IPv6) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3' | CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.4.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3' | CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.5.8.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.5.8.1 Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3' | CIS Windows Server 2012 R2 MS L2 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.8.1.1 (L1) Ensure 'Turn off notifications network usage' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.36.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.36.2 (L1) Ensure 'Restrict Unauthenticated RPC clients' is set to 'Enabled: Authenticated' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.9.3 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.9.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.4.1 (L1) Ensure 'Let Windows apps activate with voice while the system is locked' is set to 'Enabled: Force Deny' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.15.2 (L1) Ensure 'Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service' is set to 'Enabled: Disable Authenticated Proxy usage' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.15.4 (L1) Ensure 'Do not show feedback notifications' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.3 (L1) Ensure 'Turn on behavior monitoring' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.42.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.62.1 (L2) Ensure 'Turn off KMS Client Online AVS Validation' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.79.1 (L2) Ensure 'Allow suggested apps in Windows Ink Workspace' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.79.1 (L2) Ensure 'Allow suggested apps in Windows Ink Workspace' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.79.1 (L2) Ensure 'Allow suggested apps in Windows Ink Workspace' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 21.6 (L1) Ensure 'Allow Script Scanning' is set to 'Allowed' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 67.1 (L1) Ensure 'Allow Telemetry' is set to 'Basic' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 67.1 (L1) Ensure 'Allow Telemetry' is set to 'Basic' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 86.1.3 (L2) Ensure 'Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service' is set to 'Enabled: Disable Authenticated Proxy usage' | CIS Microsoft Intune for Windows 11 v3.0.1 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS Control 3 (3.6(b)) Deploy Automated Software Patch Management Tools | CAS Implementation Group 1 Audit File | Unix | SYSTEM AND INFORMATION INTEGRITY |
