| 1.1.1.1 Ensure mounting of cramfs filesystems is disabled - lsmod | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.2 Ensure mounting of freevxfs filesystems is disabled - lsmod | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.3 Ensure mounting of jffs2 filesystems is disabled | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.4 Ensure mounting of hfs filesystems is disabled - modprobe | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - lsmod | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.5 Ensure mounting of hfsplus filesystems is disabled - modprobe | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure mounting of squashfs filesystems is disabled | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure mounting of squashfs filesystems is disabled | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure mounting of squashfs filesystems is disabled - lsmod | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure mounting of squashfs filesystems is disabled - modprobe | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure mounting of squashfs filesystems is disabled - modprobe | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.7 Ensure mounting of udf filesystems is disabled | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.7 Ensure mounting of udf filesystems is disabled | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.7 Ensure mounting of udf filesystems is disabled | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.3 Ensure nodev option set on /tmp partition | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.9 Ensure nosuid option set on /var/tmp partition | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.13 Ensure separate partition exists for /home | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.21 Ensure sticky bit is set on all world-writable directories | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.21 Ensure sticky bit is set on all world-writable directories | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1 Ensure core dumps are restricted - limits.conf, limits.d/* | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1 Ensure core dumps are restricted - limits.conf, limits.d/* | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1 Ensure core dumps are restricted - sysctl | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.4 Ensure core dumps are restricted - limits config | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.1 Ensure message of the day is configured properly | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.3 Ensure remote login warning banner is configured properly | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.2 Ensure GDM login banner is configured - banner message enabled | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.2 Ensure GDM login banner is configured - banner message text | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.6.6 (L1) Ensure 'Domain member: Require strong (Windows 2000 or later) session key' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 2.3.8.2 (L1) Ensure 'Microsoft network client: Digitally sign communications (if server agrees)' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 2.3.10.1 (L1) Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 2.3.11.10 (L1) Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to 'Require NTLMv2 session security, Require 128-bit encryption' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 3.2.1.24 Ensure 'Allow setting up new nearby devices' is set to 'Disabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | SECURITY ASSESSMENT AND AUTHORIZATION |
| 4.1.12 Ensure successful file system mounts are collected - 64-bit | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.12 Ensure successful file system mounts are collected - auditctl (32-bit) | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.12 Ensure successful file system mounts are collected - auditctl (64-bit) | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile /etc/profile.d | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | ACCESS CONTROL |
| 18.8.22.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION |
| 18.8.22.1.3 (L2) Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION |
| 18.8.22.1.5 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION |
| 18.8.47.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION |
| 18.8.47.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION |
| 18.8.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION |
| 18.9.81.2.1 (L1) Ensure 'Configure Default consent' is set to 'Enabled: Always ask before sending data' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION |
| 18.9.81.3 (L1) Ensure 'Automatically send memory dumps for OS-generated error reports' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION |
| Do not allow drive redirection | MSCT Windows Server v20H2 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 1803 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 1809 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 1903 v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
