| 1.1.10 Ensure noexec option set on /var/tmp partition | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 1.2.3.2.6 Set 'Enumerate local users on domain-joined computers' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.5.1 Ensure core dumps are restricted -'hard core (limits.conf/limits.d)' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | ACCESS CONTROL |
| 1.7.1 - Miscellaneous Enhancements - crontab access - 'cron.deny does not exist' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 2.3.4.2 Ensure 'Devices: Prevent users from installing printer drivers' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 5.1.8 Ensure at/cron is restricted to authorized users - '/etc/at.allow' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.1.8 Ensure at/cron is restricted to authorized users - at.deny does not exist | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.1.8 Ensure at/cron is restricted to authorized users - cron.allow | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.5 Ensure access to the su command is restricted - pam_wheel.so | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/cron.deny does not exist. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.13 Restrict at/cron to Authorized Users - /etc/cron.d/cron.allow perms | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 7.9 Restrict at/cron To Authorized Users, should pass if /etc/at.deny does not exist. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 10.3 Restrict manager application | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 18.2.3 Ensure 'Enable Local Admin Password Management' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.2.3 Ensure 'Enable Local Admin Password Management' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.4.1 Ensure 'MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.5.11.3 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.5.11.3 Ensure 'Require domain users to elevate when setting a network's location' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.8.22.1.2 Ensure 'Turn off handwriting personalization data sharing' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | ACCESS CONTROL |
| 18.8.22.1.13 Ensure 'Turn off Windows Customer Experience Improvement Program' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | ACCESS CONTROL |
| 18.8.47.11.1 Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | ACCESS CONTROL |
| 18.9.15.2 Ensure 'Enumerate administrator accounts on elevation' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| Allow user control over installs | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Always install with elevated privileges | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Always install with elevated privileges | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - EnableSmartScreen | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Configure Windows Defender SmartScreen - EnableSmartScreen | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Disallow WinRM from storing RunAs credentials | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Do not display network selection UI | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Enable local admin password management | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Ensure access to the su command is restricted - pam_wheel.so | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure core dumps are restricted - limits.conf | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure core dumps are restricted - sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure noexec option set on /dev/shm partition | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure noexec option set on /var/tmp partition | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Enumerate administrator accounts on elevation | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Enumerate local users on domain-joined computers | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Do not allow anonymous enumeration of SAM accounts | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Do not allow anonymous enumeration of SAM accounts | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Do not allow anonymous enumeration of SAM accounts | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Network access: Do not allow anonymous enumeration of SAM accounts and shares | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Do not allow anonymous enumeration of SAM accounts and shares | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Do not allow anonymous enumeration of SAM accounts and shares | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Network security: Allow LocalSystem NULL session fallback | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Network security: Allow LocalSystem NULL session fallback | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Turn on convenience PIN sign-in | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Turn on PowerShell Script Block Logging - EnableScriptBlockLogging | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
