| 1.2.8 Ensure that the --authorization-mode argument includes RBAC | CIS Kubernetes Benchmark v1.9.0 L1 Master | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.6.1 Ensure 'SSH source restriction' is set to an authorized IP address | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.11 Do not setup access keys during initial user setup for all IAM users that have a console password | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | ACCESS CONTROL, MEDIA PROTECTION |
| 1.18 Ensure IAM instance roles are used for AWS resource access from instances | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.8 Ensure Handler is not granted Write and Script/Execute - Applications | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.1.1 Ensure that the cluster-admin role is only used where required | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.1.10 Minimize access to the proxy sub-resource of nodes | CIS Kubernetes Benchmark v1.9.0 L1 Master | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.2.4 Ensure SSH access is limited | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4 Ensure SSH access is limited | CIS SUSE Linux Enterprise 15 Server L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4 Ensure SSH access is limited | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4 Ensure SSH access is limited | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.14 Ensure SSH access is limited | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.14 Ensure SSH access is limited | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.5 Ensure SSH access is limited | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.5 Ensure SSH access is limited | CIS Red Hat 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.6 Ensure SSH access is limited | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.6 Ensure SSH access is limited | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| DTAM144 - McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent termination of McAfee processes. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | ACCESS CONTROL |
| DTAM144 - McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent termination of McAfee processes. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | ACCESS CONTROL |
| DTOO199 - Changing permissions on rights managed content for users must be enforced. | DISA STIG Microsoft Office System 2013 v2r1 | Windows | ACCESS CONTROL |
| DTOO200 - Office must be configured to not allow read with browsers. | DISA STIG Microsoft Office System 2013 v2r1 | Windows | ACCESS CONTROL |
| DTOO208 - Office client polling of SharePoint servers published links must be disabled. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | ACCESS CONTROL |
| GEN000020 - The system must require authentication upon booting into single-user and maintenance modes. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN000020 - The system must require authentication upon booting into single-user and maintenance modes. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN000020 - The system must require authentication upon booting into single-user and maintenance modes. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000020 - The system must require authentication upon booting into single-user and maintenance modes. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN004820 - Anonymous FTP must not be active on the system unless authorized. | DISA STIG Solaris 10 SPARC v2r1 | Unix | ACCESS CONTROL |
| GEN004820 - Anonymous FTP must not be active on the system unless authorized. | DISA STIG Solaris 10 X86 v2r1 | Unix | ACCESS CONTROL |
| GEN004820 - Anonymous FTP must not be active on the system unless authorized. | DISA STIG Solaris 10 X86 v2r2 | Unix | ACCESS CONTROL |
| GEN004820 - Anonymous FTP must not be active on the system unless authorized. | DISA STIG Solaris 10 SPARC v2r2 | Unix | ACCESS CONTROL |
| GEN008620 - System BIOS or system controllers supporting password protection must have administrator accounts/passwords configured, and no others. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN008620 - System BIOS or system controllers supporting password protection must have administrator accounts/passwords configured, and no others. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN008620 - System BIOS or system controllers supporting password protection must have administrator accounts/passwords configured, and no others. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN008700 - The system boot loader must require authentication - '/boot/grub/grub.conf' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN008700 - The system boot loader must require authentication - '/boot/grub/menu.lst' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN008700 - The system boot loader must require authentication - '/boot/grub/menu.lst' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN008700 - The system boot loader must require authentication. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN008710 - The system boot loader must protect passwords using an MD5 or stronger cryptographic hash. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| Monterey - Disable AirDrop | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable AirDrop | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable AirDrop | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable AirDrop | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable AirDrop | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable AirDrop | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable AirDrop | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable AirDrop | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable AirDrop | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000151 - The system must prevent unintended use of dvfilter network APIs | DISA STIG VMWare ESXi Server 5 STIG v1r10 | VMware | ACCESS CONTROL |
| SRG-OS-99999-ESXI5-000151 - The system must prevent unintended use of dvfilter network APIs | DISA STIG VMWare ESXi Server 5 STIG v1r9 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
