| 1.1.4.1.2 Ensure 'Bind to object' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.4.1.10 Ensure 'Protection From Zone Elevation' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.4.1.11 Ensure 'Restrict ActiveX Install' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.4.1.12 Ensure 'Restrict File Download' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.1.4.1.14 Ensure 'Scripted Window Security Restrictions' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 (L2) Host integrated hardware management controller must secure authentication | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | ACCESS CONTROL |
| 1.10 (L2) Host hardware must enable Intel SGX, if available | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.12 (L2) Host integrated hardware management controller must deactivate internal networking | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 2.1.1.4.1.1 Ensure 'Underline hyperlinks' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.1.1.1.1 Ensure 'Load Pictures from Web pages not created in Excel' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.2.2 Ensure 'Dif and Sylk files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.4 Ensure 'Excel 2 worksheets' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.5 Ensure 'Excel 3 macrosheets and add-in files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.7 Ensure 'Excel 4 macrosheets and add-in files' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.9 Ensure 'Excel 4 worksheets' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.10 Ensure 'Excel 95 workbooks' is set to 'Enabled: Open/Save Blocked, Use Open Policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.12 Ensure 'Excel 97-2003 workbooks and templates' is set to 'Enabled: Open/Save Blocked, Use Open Policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.2.13 Ensure 'Set default file block behavior' is set to 'Enabled: Blocked files are not opened' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.3.1 Ensure 'Always open untrusted database files in Protected View' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.4.7.2.6 Ensure 'Block macros from running in Office files from the internet' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.8 Ensure 'Macro Notification Settings' is set to 'Enabled: Disable VBA macros except digitally signed macros' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4.7.2.11 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.18.1 Ensure 'Allow users with earlier versions of Office to read with browsers...' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | ACCESS CONTROL |
| 2.3.18.3 Ensure 'Always require users to connect to verify permission' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.1.2 Ensure 'Word 2 and earlier binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.7 Ensure 'Word 95 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.2.3 Ensure 'Set document behavior if file validation fails' is set to 'Enabled: Open in Protected View' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11.8.7.2.2.5 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.11.8.7.2.7 Ensure 'Require that application add-ins are signed by Trusted Publisher' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.10 Ensure 'VBA Macro Notification Settings' is set to 'Enabled: Disable all except digitally signed macros' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.3 Ensure 'Make hidden markup visible' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | ACCESS CONTROL |
| 3.4 (L1) Host must deactivate SLP | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 3.5 (L1) Host must deactivate CIM | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 3.6 (L1) Host should deactivate SNMP | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 3.25 (L1) Host must display a login banner for SSH connections | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.4 (L1) Host must set the logging informational level to info | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 4.11 (L1) Host must use strict x509 verification for TLS-enabled remote logging endpoints | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 5.3 (L1) Host must restrict use of the dvFilter network API | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.8 (L1) Host should reject promiscuous mode requests on standard virtual switches and port groups | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.9 (L1) Host must restrict access to a default or native VLAN on standard virtual switches | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.10 (L1) Host must restrict the use of Virtual Guest Tagging (VGT) on standard virtual switches | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.1 (L1) Host must isolate storage communications | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 6 v1.2.0 L2 MongoDB | Unix | CONFIGURATION MANAGEMENT |
| 7.7 (L1) Virtual machines must limit PCI/PCIe device passthrough functionality | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 7.11 (L1) Virtual machines must remove unnecessary AHCI devices | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 7.19 (L1) Virtual machines must deactivate console paste operations | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4 (L2) VMware Tools on deployed virtual machines must prevent being recustomized | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 8.12 (L1) VMware Tools must limit the use of MSI transforms when reconfiguring VMware Tools | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.13 (L1) VMware Tools must enable VMware Tools logging | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
