| 1.13 Ensure That 'Users Can Register Applications' Is Set to 'No' | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.19 Ensure that 'Owners can manage group membership requests in the Access Panel' is set to 'No' | CIS Microsoft Azure Foundations v2.1.0 L2 | microsoft_azure | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Remote Desktop Users' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only) | CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.3 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users' (MS only) | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.6 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.6 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.6 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.6 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.6 (L1) Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.15 (L1) Ensure 'Debug programs' is set to 'Administrators' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.28 (L1) Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'Administrators' (DC only) | CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.29 (L2) Configure 'Log on as a service' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.30 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.31 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Member Server | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.38 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately - roles | CIS MongoDB 4 L1 DB v1.0.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately - roles | CIS MongoDB 5 L1 DB v1.2.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.16 Ensure that a Zone Protection Profile with tuned Flood Protection settings enabled for all flood types is attached to all untrusted zones | CIS Palo Alto Firewall 11 v1.1.0 L2 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 74.2 (L1) Ensure 'Access From Network' is set to 'Administrators, Remote Desktop Users' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 74.12 (L1) Ensure 'Debug Programs' is set to 'Administrators' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| GEN000252 - The time synchronization configuration file (such as /etc/ntp.conf) must have mode 0640 or less permissive. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN001180 - All network services daemon files must have mode 0755 or less permissive - sshd | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN001320 - NIS/NIS+/yp files must be owned by root, sys, or bin - /var/yp/* | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN001360 - The NIS/NIS+/yp command files must have mode 0755 or less permissive - /usr/lib/netsvc/yp/* | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN001360 - The NIS/NIS+/yp command files must have mode 0755 or less permissive - /var/yp/* | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN001400 - The /etc/shadow (or equivalent) file must be owned by root. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN002320 - Audio devices must have mode 0660 or less permissive - /dev/audio* | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN003255 - The at.deny file must not have an extended ACL. | DISA STIG Solaris 10 X86 v2r2 | Unix | ACCESS CONTROL |
| GEN003400 - The 'at' directory must have mode 0755 or less permissive - at directory must have mode 0755 or less permissive. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN003410 - The 'at' directory must not have an extended ACL - at directory must not have an extended ACL. | DISA STIG Solaris 10 X86 v2r2 | Unix | ACCESS CONTROL |
| GEN003745 - The inetd.conf file must not have extended ACLs. | DISA STIG Solaris 10 X86 v2r2 | Unix | ACCESS CONTROL |
| GEN003760 - The services file must be owned by root or bin. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN003950 - The hosts.lpd (or equivalent) file must not have an extended ACL. | DISA STIG Solaris 10 X86 v2r2 | Unix | ACCESS CONTROL |
| GEN004480 - The SMTP service log file must be owned by root - /var/adm/messages | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN005375 - The snmpd.conf file must not have an extended ACL. | DISA STIG Solaris 10 X86 v2r2 | Unix | ACCESS CONTROL |
| GEN006290 - The /etc/news/hosts.nntp.nolimit file must not have an extended ACL. | DISA STIG Solaris 10 X86 v2r2 | Unix | ACCESS CONTROL |
| GEN006310 - The /etc/news/nnrp.access file must not have an extended ACL. | DISA STIG Solaris 10 X86 v2r2 | Unix | ACCESS CONTROL |
