| 1.2 Set 'Allow Active X One Off Forms' to 'Enabled:Load only Outlook Controls' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.1.8 Ensure SETroubleshoot is not installed | CIS Oracle Linux 8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1.8 Ensure SETroubleshoot is not installed | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.7 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.8 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.7.8 (L1) Ensure 'Interactive logon: Prompt user to change password before expiration' is set to 'between 5 and 14 days' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Only enable Kerberos-related daemons if absolutely necessary (kadmind5_server_enable) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
| 2.7 Only enable Kerberos-related daemons if absolutely necessary (kerberos5_enable) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
| 2.7 Only enable Kerberos-related daemons if absolutely necessary (kpasswdd_server_enable) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.22 Set archive log failover retry limit | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.22 Set archive log failover retry limit | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.22 Set archive log failover retry limit | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.22 Set archive log failover retry limit | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit) | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (64-bit) | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - insmod | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - modprobe | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - rmmod | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.18 Ensure kernel module loading and unloading is collected - auditctl init_module | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.18 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.18 Ensure kernel module loading and unloading is collected - modprobe | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.18 Ensure kernel module loading and unloading is collected - rmmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.18 Ensure kernel module loading and unloading is collected - rmmod | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.1 Ensure Home Folders Are Secure | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.6 Enable OCSP and CRL certificate checking - CRL | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.6 Enable OCSP and CRL certificate checking - OCSP | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1.17 Collect Kernel Module Loading and Unloading - '32bit init_module/delete_module' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.17 Collect Kernel Module Loading and Unloading - '64bit init_module/delete_module' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.17 Collect Kernel Module Loading and Unloading- '/sbin/insmod' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.17 Collect Kernel Module Loading and Unloading- '/sbin/rmmod' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 89.19 (L1) Ensure 'Increase Scheduling Priority' is set to 'Administrators, Window Manager\Window Manager Group' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| CISC-RT-000320 - The Cisco perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1. | DISA STIG Cisco IOS-XR Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAVSEL-013 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-015 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-016 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Quarantine if first action fails when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Ensure 'logging trap severity ' is greater than or equal to '5' | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| GEN000000-LNX00360 - The X server must have the correct options enabled - '-audit = 4' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN000800 - The system must prohibit the reuse of passwords within five iterations. | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN002753 - The audit system must be configured to audit account termination - 'groupdel' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'groupdel' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'userdel' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'userdel' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN005190 - The .Xauthority files must not have extended ACLs. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| OL08-00-040320 - The graphical display manager must not be installed on OL 8 unless approved. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-80-000100 The vCenter VAMI service must implement prevent rendering inside a frame or iframe on another site. | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-80-000101 The vCenter VAMI service must protect against MIME sniffing. | DISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
