| 1.1.3 - AirWatch - Disallow Simple Passcode | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 1.1.3 - MobileIron - Disallow Simple Passcode | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 - AirWatch - Enable Erase Data | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.5 - MobileIron - Enable Erase Data | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.8 - AirWatch - Forget Wi-Fi networks to prevent automatic rejoin | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.8 - AirWatch - Turn off Ask to Join Networks | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.8 - MobileIron - Forget Wi-Fi networks to prevent automatic rejoin | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.10 - AirWatch - Turn off Auto-Join for all Wi-Fi networks | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.11 - AirWatch - Turn off Wi-Fi when not needed | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.12 - MobileIron - Turn off Wi-Fi when not needed | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.15 - AirWatch - Turn off Personal Hotspot when not needed | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.17 - MobileIron - Turn on Airplane Mode | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.20 - AirWatch - Enable Find My iPhone/iPad | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.22 - AirWatch - Enable SIM Password | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.2.4 - AirWatch - Disable Auto Fill for Names and Passwords | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.2.8 - MobileIron - Turn On Private Browsing When Needed | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.2.9 - AirWatch - Turn On Do Not Track | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.2.9 - AirWatch - Turn On Do Not Track | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 2.1.1.6 Audit Find My Mac | CIS Apple macOS 13.0 Ventura v3.0.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.2.1.10 Ensure 'Force Apple Watch wrist detection' is set to 'Enabled' | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.1.12 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | CONFIGURATION MANAGEMENT |
| 2.2.3 - AirWatch - Require alphanumeric value | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 - AirWatch - Require Use Only in Mail for Sensitive Mail Accounts | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 2.3.2 - MobileIron - Require Use Only in Mail for Sensitive Mail Accounts - EMAIL Configurations | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 2.14.1 Audit Game Center Settings | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.2 - AirWatch - Enable 'Require alphanumeric value' | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.1.2 - MobileIron - Enable 'Require alphanumeric value' | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.1.2 - MobileIron - Enable 'Require alphanumeric value' | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.1.4 - MobileIron - Set the 'minimum number of character sets' | MobileIron - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.2.1.25 Ensure 'Allow sending diagnostic and usage data to Apple' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.5 Ensure the latest iOS device architecture is used by high-value targets | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L2 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 5.1.7 Ensure No World Writable Folders Exist in the Library Folder | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4 Ensure Complex Password Must Contain Numeric Character Is Configured | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.6 Ensure Complex Password Must Contain Uppercase and Lowercase Characters Is Configured | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.8 Ensure a Login Window Banner Exists | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| AIOS-12-011200 - Apple iOS must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-15-011800 - Apple iOS/iPadOS 15 must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-011800 - Apple iOS/iPadOS 16 must implement the management setting: Force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-011800 - Apple iOS/iPadOS 18 must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| Big Sur - Disable Sending Diagnostic and Usage Data to Apple | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Disable Sending Diagnostic and Usage Data to Apple | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Disable Sending Diagnostic and Usage Data to Apple | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| CISC-RT-000680 - The Cisco PE switch providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| Monterey - Disable Sending Diagnostic and Usage Data to Apple | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
