| 1.1.39 Ensure that the --authorization-mode argument includes RBAC | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.3.7 Ensure that the --address argument is set to 127.0.0.1 | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.4 Set IP address for 'logging host' | CIS Cisco IOS XR 7.x v1.0.0 L1 | Cisco | AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4 Set IP address for 'logging host' | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4 Set IP address for 'logging host' | CIS Cisco IOS XE 17.x v2.1.0 L1 | Cisco | AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY |
| 2.3 Ensure the WebDAV Modules Are Disabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0' | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.4 Ensure 'Database Mail XPs' Server Configuration Option is set to '0' | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.7 Ensure 'Remote Admin Connections' Server Configuration Option is set to '0' | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.8 Ensure the Info Module Is Disabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.9 Ensure the Basic and Digest Authentication Modules are Disabled - auth_basic_module | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.9 Ensure the Basic and Digest Authentication Modules are Disabled - auth_digest_module | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.11 Ensure SQL Server is configured to use non-standard ports | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.11 Ensure SQL Server is configured to use non-standard ports | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.11 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'VIA protocol is disabled' | CIS SQL Server 2008 R2 DB OS L1 v1.7.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.12 Ensure 'Hide Instance' option is set to 'Yes' for Production SQL Server instances | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 2.15 Ensure 'xp_cmdshell' Server Configuration Option is set to '0' | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.1 Ensure DCCP is disabled - lsmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - lsmod | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.2 Ensure SCTP is disabled - modprobe | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.3 Ensure RDS is disabled - modprobe | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.2 Ensure SCTP is disabled - modprobe | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6 Ensure SSH X11 forwarding is disabled | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.21 Ensure SSH AllowTcpForwarding is disabled | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.3 (L1) Ensure 'Computer Browser (Browser)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.3 Ensure a WildFire file blocking profile is enabled for all security policies allowing Internet traffic flows | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.7 Ensure HTTP Request Methods Are Restricted - 'No Deny/Allow' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - 'httpd.conf <VirtualHost> RewriteEngine = on' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - Rewrite module not loaded | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 Ensure Old HTTP Protocol Versions Are Disallowed - Rewrite module not loaded | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.12 Ensure IP Address Based Requests Are Disallowed - 'httpd.conf RewriteEngine = on' | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.12 Ensure IP Address Based Requests Are Disallowed - 'httpd.conf RewriteRule ^.(.*) - [L,F] exists' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.13 Ensure the IP Addresses for Listening for Requests Are Specified - 'httpd.conf Listen 0.0.0.0:80 does not exists' | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.13 Ensure the IP Addresses for Listening for Requests Are Specified - 'httpd.conf Listen 80 does not exists' | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.20 (L1) Ensure 'Remote Procedure Call (RPC) Locator (RpcLocator)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.24 (L1) Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.26 (L1) Ensure 'SSDP Discovery (SSDPSRV)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.27 (L1) Ensure 'Telnet (TlntSvr)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.29 (L1) Ensure 'Web Management Service (WMSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 6.14 Ensure alerting after a threshold of credit card or Social Security numbers is detected is enabled - Data Filtering Profile | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.15 Ensure a secure Data Filtering profile is applied to all security policies allowing traffic to or from the Internet | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 7.1 Do Not Define a Static Source Port | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 7.1 Do Not Define a Static Source Port | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 8.2 Ensure 'SSL Inbound Inspection' is required for all untrusted traffic destined for servers using SSL or TLS | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 9.4 Disable the HTTP Statistics Server | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 18.3.3 Ensure 'Configure SMB v1 server' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Show security warning for potentially unsafe files - Internet Zone | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Show security warning for potentially unsafe files - Internet Zone | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Show security warning for potentially unsafe files - Internet Zone | MSCT Windows Server v20H2 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Show security warning for potentially unsafe files - Restricted Sites Zone | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
