| 1.2.3 Ensure repo_gpgcheck is globally activated | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.2 Ensure 'SSH version 2' is enabled | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.2 Ensure 'SSH version 2' is enabled | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.2 Ensure 'SSH version 2' is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.2 Ensure ldap client is not installed | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.3.7.9 (L1) Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or higher | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL |
| 4.1.1 Ensure firewalld is installed | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.2 Ensure firewalld.service state is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.7 Ensure firewalld services and ports are configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.4 Ensure users must provide password for escalation | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | ACCESS CONTROL |
| 5.29 Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.32 Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.34 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 5.34 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.34 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 5.117 - Users must be prevented from connecting using Terminal Services. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 6.1.2 Set SSH Protocol to 2 - Check if Protocol is set to 2 and not commented for client. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.1.2 Ensure auditing for processes that start prior to auditd is enabled | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.3 Ensure audit_backlog_limit is sufficient | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 6.2.2.1 Ensure audit log storage size is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.3 Ensure system is disabled when audit logs are full | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.5 Ensure events that modify the system's network environment are collected | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 6.2.3.7 Ensure unsuccessful file access attempts are collected | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.8 Ensure events that modify user/group information are collected | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.20 Ensure the audit configuration is loaded regardless of errors | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.4.1 Ensure the audit log file directory mode is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.2.4.5 Ensure audit configuration files mode is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.4.6 Ensure audit configuration files owner is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L2 MySQL RDBMS MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_warnings' is Set to '2' | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_warnings' is Set to '2' | CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.77.1.5 Ensure 'Service Enabled' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 81.29 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 81.34 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 89.34 (L1) Ensure 'Shut Down The System' is set to 'Administrators, Users' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| Enable IKE Version 1/2 - cipher-suite | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure SSH Protocol is set to 2 | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Excel 2 macrosheets and add-in files | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Remove file extensions blocked as Level 2 | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - Layer 2 - WAN machines | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-00-000085 - Standard local user accounts must not exist on a system in a domain. | DISA Microsoft Windows 10 STIG v3r6 | Windows | CONFIGURATION MANAGEMENT |
