| 1.2.2.4 Ensure record active speaker, gallery view and shared screen separately is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.2.3.4 Ensure optimize the recording for 3rd party video editor is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.2.4.3 Ensure host can pause/stop the auto recording in the cloud is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.131 (L2) Ensure 'Tab Services enabled' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.7.1 iCloud configuration | CIS Apple macOS 10.12 L2 v1.2.0 | Unix | ACCESS CONTROL |
| 3.1.3.3 Ensure that 'Endpoint protection' component status is set to 'On' | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 15.0 Sequoia v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 13.0 Ventura v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 14.0 Sonoma v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.4 Ensure http server is not running | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.2.2 Ensure multifactor authentication is enabled for all users | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2.4 Ensure Sign-in frequency is enabled and browser sessions are not persistent for Administrative users | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | ACCESS CONTROL |
| 5.5.1 Ensure Container-Optimized OS (cos_containerd) is used for GKE node images | CIS Google Kubernetes Engine (GKE) v1.7.0 L1 | GCP | CONFIGURATION MANAGEMENT |
| 8.10 Ensure only MFA enabled identities can access privileged Virtual Machine | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 18.9.14.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v3.0.0 L2 Member Server | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v3.0.1 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v3.0.0 L2 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | ACCESS CONTROL |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | ACCESS CONTROL |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller | Windows | ACCESS CONTROL |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server | Windows | ACCESS CONTROL |
| 18.10.13.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 18.10.42.5.2 Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5.2 (L2) Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 30.4 (L1) Ensure 'Disable Consumer Account State Content' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | ACCESS CONTROL |
| 58.5 (L2) Ensure 'Upload User Activities' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v3.0.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 58.5 (L2) Ensure 'Upload User Activities' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-18-007400 - Apple iOS/iPadOS 18 allow list must be configured to not include applications with the following characteristics: - Backs up MD data to non-DOD cloud servers (including user and application access to cloud backup services);- Transmits MD diagnostic data to non-DOD servers;- Allows synchronization of data or applications between devices associated with user; and- Allows unencrypted (or encrypted but not FIPS 140-3 validated) data sharing with other MDs or printers.- Apps which backup their own data to a remote system - allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| ARDC-CN-000055 - Adobe Reader DC must disable the Adobe Send and Track plugin for Outlook. | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
