| 2.4.1 Ensure 'POP3' Windows services are 'Disabled' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.5 Allowlist Authorized Scripts and Report Violations | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.10.8.1.2.3 Ensure 'Prevent publishing to Office.com' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.5.2 Ensure 'Disable Slide Update' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.8.4.1.1 Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.6 Ensure 'Dynamic Data Exchange' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.7 Disable Instance Discoverability (DISCOVER_INST) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.7 Disable Instance Discoverability (DISCOVER_INST) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 3.2 Ensure the Apache User Account Has an Invalid Shell | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 3.2 Ensure the Apache User Account Has an Invalid Shell | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 3.10.25.6 (L1) Ensure 'Turn off picture password sign-in' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.1.4 Disable Database Discovery (DISCOVER_DB) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | CONFIGURATION MANAGEMENT |
| 4.3 Ensure 'Allow invocation of file selection dialogs' is set to 'Disabled' | CIS Google Chrome L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 13.0 Ventura v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1.2 Ensure System Integrity Protection Status (SIP) Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.3 Ensure that Content Security Policy (CSP) is enabled and configured properly | CIS NGINX Benchmark v2.1.0 L2 Webserver | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.15 Ensure the IP Addresses for Listening for Requests Are Specified - 'httpd.conf Listen [::ffff:0.0.0.0]:80 does not exists' | CIS Apache HTTP Server 2.4 L2 v2.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 6.3.1 Ensure 'external scripts enabled' database flag for Cloud SQL SQL Server instance is set to 'off' | CIS Google Cloud Platform v3.0.0 L1 | GCP | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 7.6 Ensure directory in logging.properties is a secure location - check application log directory is secure | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 7.6 Ensure directory in logging.properties is a secure location - check log directory location | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 7.6 Ensure directory in logging.properties is a secure location - check log directory location | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 8.3 Ensure All Default Apache Content Is Removed - 'httpd.conf Include conf/extra/httpd-autoindex.conf does not exists' | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 8.4 Ensure ETag Response Header Fields Do Not Include Inodes | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.4 Ensure ETag Response Header Fields Do Not Include Inodes | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.12 Do not allow symbolic linking | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 10.14 Do not allow cross context requests | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 10.14 Do not allow cross context requests | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 10.14 Do not allow cross context requests | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.31.1 (L1) Ensure 'Allow Clipboard synchronization across devices' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.28.3 (L1) Ensure 'Turn off heap termination on corruption' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.56.3.3.1 (L1) Ensure 'Allow UI Automation redirection' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.58.7 (L1) Ensure 'Allow search highlights' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| Monterey - Disable Bonjour Multicast | NIST macOS Monterey v1.0.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Disable Bonjour Multicast | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Disable Bonjour Multicast | NIST macOS Monterey v1.0.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Disable Bonjour Multicast | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Disable Bonjour Multicast | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Disable Bonjour Multicast | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Disable FaceTime.app | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable FaceTime.app | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable FaceTime.app | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable FaceTime.app | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Messages App | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Messages App | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Siri Setup during Setup Assistant | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Siri Setup during Setup Assistant | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Siri Setup during Setup Assistant | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Siri Setup during Setup Assistant | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
