| 1.1.3.9.12 Configure 'MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.6 Set 'service tcp-keepalives-in' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.1.14 Ensure That 'Notify about alerts with the following severity' is Set to 'High' | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 3.2.2 Set inbound 'ip access-group' on the External Interface | CIS Cisco IOS XE 16.x v2.1.0 L2 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - lsmod | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.3 Ensure RDS is disabled - modprobe | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.4 Ensure TIPC is disabled - modprobe | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.10.28.5.1 (L1) Ensure 'Allow network connectivity during connected-standby (on battery)' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.11.36.4.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6 Ensure SSH X11 forwarding is disabled | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6 Ensure SSH X11 forwarding is disabled | CIS Ubuntu Linux 18.04 LXD Container L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.21 Ensure SSH AllowTcpForwarding is disabled | CIS Ubuntu Linux 18.04 LXD Container L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 7.6 Ensure port groups are not configured to VLAN 4095 except for Virtual Guest Tagging (VGT) | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.3.1 Ensure unnecessary or superfluous functions inside VMs are disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.3 Ensure VMsafe Agent Port is configured correctly | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.8 Ensure Unity Taskbar is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.13 Ensure Drag and Drop Version Set is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.14 Ensure Shell Action is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.18 Ensure Unity is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.22 Ensure Guest Host Interaction Launch Menu is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.25 Ensure VM Console Drag and Drop operations is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 18.3.4 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.4.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3' | CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.31.2 (L1) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.32.6.1 (L2) Ensure 'Allow network connectivity during connected-standby (on battery)' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v2.0.0 L2 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.33.6.1 (L1) Ensure 'Allow network connectivity during connected-standby (on battery)' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.33.6.2 (L1) Ensure 'Allow network connectivity during connected-standby (plugged in)' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.33.6.2 (L1) Ensure 'Allow network connectivity during connected-standby (plugged in)' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.47.9.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.59.3.2.1 (L2) Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.4.1 (L1) Ensure 'Let Windows apps activate with voice while the system is locked' is set to 'Enabled: Force Deny' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.4.1 (L1) Ensure 'Let Windows apps activate with voice while the system is locked' is set to 'Enabled: Force Deny' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.15.1 (L1) Ensure 'Allow Diagnostic Data' is set to 'Enabled: Diagnostic data off (not recommended)' or 'Enabled: Send required diagnostic data' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.15.1 (L1) Ensure 'Allow Diagnostic Data' is set to 'Enabled: Diagnostic data off (not recommended)' or 'Enabled: Send required diagnostic data' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL + NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.10.4 (L1) Ensure 'Turn on script scanning' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.56.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.65.4 (L1) Ensure 'Turn off the offer to update to the latest version of Windows' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 21.1 (L1) Ensure 'Allow Behavior Monitoring' is set to 'Allowed' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 21.1 (L1) Ensure 'Allow Behavior Monitoring' is set to 'Allowed' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 30.5 (L1) Ensure 'Do not show feedback notifications' is set to 'Feedback notifications are disabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 43.1 (L2) Ensure 'Disallow KMS Client Online AVS Validation' is set to 'Allow' | CIS Microsoft Intune for Windows 10 v3.0.1 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 62.1 (L2) Ensure 'Allow Online Tips' is set to 'Block' | CIS Microsoft Intune for Windows 11 v3.0.1 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 80.1 (L2) Ensure 'Allow suggested apps in Windows Ink Workspace' is set to 'Block' | CIS Microsoft Intune for Windows 10 v3.0.1 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 80.1 (L2) Ensure 'Allow suggested apps in Windows Ink Workspace' is set to 'Block' | CIS Microsoft Intune for Windows 11 v3.0.1 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 80.2 (L1) Ensure 'Allow Windows Ink Workspace' is set to 'Enabled: but the user can't access it above the lock screen' OR 'Disabled' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 86.1.3 (L2) Ensure 'Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service' is set to 'Enabled: Disable Authenticated Proxy usage' | CIS Microsoft Intune for Windows 10 v3.0.1 L2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
