| 1.2.3 Set 'no exec' for 'line aux 0' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.3 Unset 'public' for 'snmp-server community' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.4 Do not set 'RW' for any 'snmp-server community' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.8 Set 'no service pad' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.1 Create a single 'interface loopback' | CIS Cisco IOS XE 17.x v2.1.0 L2 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.4 Set 'ip tftp source-interface' to the Loopback Interface | CIS Cisco IOS XE 17.x v2.1.0 L2 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 2.5 Ensure SNMP is configured properly - 'community name private does not exist' | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 3.1.2 Set 'no ip proxy-arp' | CIS Cisco IOS XE 16.x v2.1.0 L2 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks | CIS Cisco IOS XE 17.x v2.1.0 L2 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.1 Ensure DCCP is disabled - lsmod | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.1 Ensure DCCP is disabled - modprobe | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.1 Ensure DCCP is disabled - modprobe | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - modprobe | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.3 Ensure RDS is disabled - lsmod | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.10.28.5.2 (L1) Ensure 'Allow network connectivity during connected-standby (plugged in)' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.11.36.4.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.2 Ensure DCUI is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6 Ensure SSH X11 forwarding is disabled | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.21 Ensure SSH AllowTcpForwarding is disabled | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.21 Ensure SSH AllowTcpForwarding is disabled | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.3.7 Ensure SSH X11 forwarding is disabled | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 6 L1 OS Linux v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.10.5.7 Ensure REST API Explorer is Not Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| 6.10.10 Ensure Unused DHCP Service is Not Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.1 Ensure unnecessary floppy devices are disconnected | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.2 Ensure unnecessary CD/DVD devices are disconnected | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.6 Ensure unauthorized modification and disconnection of devices is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.7 Ensure unauthorized connection of devices is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.6 Ensure BIOS BBS is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.10 Ensure Unity Window Contents is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.23 Ensure memSchedFakeSampleStats is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.27 Ensure VM Console Paste operations are disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 10.4 Ensure Only the Necessary SELinux Booleans are Enabled | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3' | CIS Windows Server 2012 R2 DC L2 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.48.1 Ensure 'Turn off the advertising ID' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v1.0.0 L2 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.15.1 (L1) Ensure 'Allow Diagnostic Data' is set to 'Enabled: Diagnostic data off (not recommended)' or 'Enabled: Send required diagnostic data' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.15.2 (L2) Ensure 'Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service' is set to 'Enabled: Disable Authenticated Proxy usage' | CIS Microsoft Windows Server 2019 v3.0.1 L2 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.15.2 (L2) Ensure 'Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service' is set to 'Enabled: Disable Authenticated Proxy usage' | CIS Microsoft Windows Server 2022 v3.0.0 L2 Member Server | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.62.1 (L2) Ensure 'Turn off KMS Client Online AVS Validation' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L2 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.62.1 (L2) Ensure 'Turn off KMS Client Online AVS Validation' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L2 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.79.1 (L2) Ensure 'Allow suggested apps in Windows Ink Workspace' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v3.0.1 L2 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.79.2 (L1) Ensure 'Allow Windows Ink Workspace' is set to 'Enabled: On, but disallow access above lock' OR 'Enabled: Disabled' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 42.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 42.1 (L1) Ensure 'Enable insecure guest logons' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 58.4 (L1) Ensure 'Let Apps Activate With Voice Above Lock' is set to 'Enabled: Force Deny' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 58.5 (L2) Ensure 'Upload User Activities' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v3.0.1 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 58.5 (L2) Ensure 'Upload User Activities' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
