| 1.2.2.4 Ensure record active speaker, gallery view and shared screen separately is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.2.3.4 Ensure optimize the recording for 3rd party video editor is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.131 (L2) Ensure 'Tab Services enabled' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.4.2 Ensure Sending Diagnostic and Usage Data to Apple Is Disabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.7.1 iCloud configuration | CIS Apple macOS 10.12 L2 v1.2.0 | Unix | ACCESS CONTROL |
| 3.1.3.3 Ensure that 'Endpoint protection' component status is set to 'On' | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 15.0 Sequoia v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 13.0 Ventura v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure HTTP Server Is Disabled | CIS Apple macOS 14.0 Sonoma v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.4 Ensure http server is not running | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.2.2 Ensure multifactor authentication is enabled for all users | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Ensure Complex Password Must Contain Special Character Is Configured | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is Configured | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is Configured | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1 Ensure Container-Optimized OS (cos_containerd) is used for GKE node images | CIS Google Kubernetes Engine (GKE) v1.6.1 L1 | GCP | CONFIGURATION MANAGEMENT |
| 8.1.1 Ensure external file sharing in Teams is enabled for only approved cloud storage services | CIS Microsoft 365 Foundations E3 L2 v3.1.0 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 18.9.14.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.30.2 Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2022 STIG v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L2 + BL + NG | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v3.0.1 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v3.0.0 L2 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | ACCESS CONTROL |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller | Windows | ACCESS CONTROL |
| 18.10.12.1 (L1) Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server | Windows | ACCESS CONTROL |
| 18.10.12.1 Ensure 'Turn off cloud consumer account state content' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.42.5.2 Ensure 'Join Microsoft MAPS' is set to 'Disabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 30.4 (L1) Ensure 'Disable Consumer Account State Content' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | ACCESS CONTROL |
| 58.5 (L2) Ensure 'Upload User Activities' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-18-007400 - Apple iOS/iPadOS 18 allow list must be configured to not include applications with the following characteristics: - Backs up MD data to non-DOD cloud servers (including user and application access to cloud backup services);- Transmits MD diagnostic data to non-DOD servers;- Allows synchronization of data or applications between devices associated with user; and- Allows unencrypted (or encrypted but not FIPS 140-3 validated) data sharing with other MDs or printers.- Apps which backup their own data to a remote system - allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AOSX-14-002035 - The macOS system must be configured to disable the Cloud Setup services. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-15-002035 - The macOS system must be configured to disable the Cloud Setup services. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002035 - The macOS system must be configured to disable the Cloud Setup services. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-002035 - The macOS system must be configured to disable the Cloud Setup services. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| CIS_Apple_macOS_14.0_Sonoma_Cloud-tailored_v1.0.0_L1.audit from CIS Apple macOS 14.0 Sonoma Cloud-tailored Benchmark v1.0.0 | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L1 | Unix | |
| Ensure that the 'max_allowed_packet' database flag for a Cloud Databases Mysql instance is set | Tenable Best Practices RackSpace v2.0.0 | Rackspace | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure that the 'max_connections' database flag for a Cloud Databases Mysql instance is set | Tenable Best Practices RackSpace v2.0.0 | Rackspace | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure that the 'sql_mode' database flag for a Cloud Databases Mysql instance is set | Tenable Best Practices RackSpace v2.0.0 | Rackspace | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure that the 'wait_timeout' database flag for a Cloud Databases Mysql instance is set | Tenable Best Practices RackSpace v2.0.0 | Rackspace | SYSTEM AND COMMUNICATIONS PROTECTION |
| File Content | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.0.0 L2 | Unix | |
| MacOS 12 is installed | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L2 | Unix | |
