| 1.1.4 Ensure that the --insecure-bind-address argument is not set | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Do Not Install a Multi-Use System - chkconfig | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Do Not Install a Multi-Use System - systemctl | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.2.4.1.1 Set 'Turn off Autoplay on' to 'Enabled:All drives' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.3.7 Ensure that the --address argument is set to 127.0.0.1 | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.1.6 Ensure no unconfined services exist | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.21 Ensure 'Wi-Fi assistant' is set to 'Disabled' | MobileIron - CIS Google Android v1.6.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.1.5 Ensure that the --read-only-port argument is set to 0 | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.5 Ensure that the --read-only-port argument is set to 0 | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 (L1) Ensure 'Access this computer from the network' is set to 'Administrators, Authenticated Users, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.3 Ensure Avahi Server is not installed - avahi | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.6 Ensure LDAP server is not installed | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.7 Ensure nfs-utils is not installed or the nfs-server service is masked | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.8 Ensure rpcbind is not installed or the rpcbind services are masked | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure HTTP server is not installed | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.14 Ensure HTTP Proxy Server is not installed | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.14 Ensure HTTP Proxy Server is not installed | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure 'Device Information' is set to 'Disabled' | AirWatch - CIS Google Android v1.6.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.4 Ensure 'Device Information' is set to 'Disabled' | MobileIron - CIS Google Android v1.6.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.6 Ensure 'YouTube Search History' is set to 'Disabled' | AirWatch - CIS Google Android v1.6.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.1.4 Ensure that the --insecure-bind-address argument is not set | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.4 Ensure that the --insecure-bind-address argument is not set | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 4.11.42.1 (L1) Ensure 'Turn off the offer to update to the latest version of Windows' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.6 Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.7 Ensure 'Internet Connection Sharing (ICS) (SharedAccess)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.20 Ensure 'Remote Procedure Call (RPC) Locator (RpcLocator)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.27 Ensure 'Telnet (TlntSvr)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.29 Ensure Docker's default bridge docker0 is not used | CIS Docker Community Edition v1.1.0 L2 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.34 Ensure 'WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc)' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 6.1 Ensure that the SQL Server component to SharePoint is set to listen on non-default ports, with the defaults (UDP 1434 and TCP 1433) disabled | CIS Microsoft SharePoint 2019 DB v1.0.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 8.5 Remove default databases | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| 8.5 Remove default databases | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | CONFIGURATION MANAGEMENT |
| 9.4 Remove Default Databases | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | CONFIGURATION MANAGEMENT |
| 9.4 Remove Default Databases | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | CONFIGURATION MANAGEMENT |
| 18.3.8 (L1) Ensure 'NetBT NodeType configuration' is set to 'Enabled: P-node (recommended)' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.4.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3' | CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.9.1 (L2) Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Member Server Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.9.2 (L2) Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.11 (L2) Ensure 'MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted' is set to 'Enabled: 3' | CIS Windows Server 2012 R2 MS L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.1.1 (L1) Ensure 'Turn off notifications network usage' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.48.1 (L2) Ensure 'Turn off the advertising ID' is set to 'Enabled' | CIS Windows Server 2012 R2 MS L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.59.3.2.1 (L2) Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.59.3.2.1 Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.59.3.3.1 Ensure 'Do not allow COM port redirection' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.59.3.3.3 Ensure 'Do not allow LPT port redirection' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.1 (L1) Ensure 'Allow Diagnostic Data' is set to 'Enabled: Diagnostic data off (not recommended)' or 'Enabled: Send required diagnostic data' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 68.5 (L2) Ensure 'Upload User Activities' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 80.3 (L1) Ensure 'Allow Telemetry' is set to 'Basic' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 80.4 (L2) Ensure 'Disable Enterprise Auth Proxy' is set to 'Enable' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 80.4 (L2) Ensure 'Disable Enterprise Auth Proxy' is set to 'Enable' | CIS Microsoft Intune for Windows 11 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
