| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 10 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.3.6.3 Set 'startup (minutes)' to '10 or more minute(s)' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2 Ensure Installation of Binary Packages | CIS PostgreSQL 10 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Ensure Installation of Binary Packages | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Ensure Installation of Binary Packages | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2.4.7.6 Set 'Configure automatic updating' to '3 - Auto download and notify for install' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.15 Configure 'Turn off Automatic Download of updates' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled - 'auth*' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled - 'auth*' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled - 'LDAP' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1 Ensure Only Necessary Authentication and Authorization Modules Are Enabled - 'Loaded ldap* modules' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - authenticationMechanisms | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - CAFile | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - clusterAuthMode | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - clusterFile | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile | CIS MongoDB 6 L2 OS Windows v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.13 Ensure Cloud Asset Inventory Is Enabled | CIS Google Cloud Platform v3.0.0 L1 | GCP | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
| 3.2.1.8 Ensure 'Allow USB drive access in Files app' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.8 Ensure 'Allow USB drive access in Files app' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.8 Ensure 'Allow USB drive access in Files app' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Institution Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.8 Ensure 'Allow USB drive access in Files app' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.9 Ensure 'Allow network drive access in Files app' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.9 Ensure 'Allow network drive access in Files app' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Institution Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.9 Ensure 'Allow network drive access in Files app' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.9 Ensure 'Allow network drive access in Files app' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L2 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.19 Ensure 'Allow USB accessories while the device is locked' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.19 Ensure 'Allow USB accessories while the device is locked' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.19 Ensure 'Allow USB accessories while the device is locked' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.19 Ensure 'Allow USB accessories while the device is locked' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.3 Ensure AWS Config is enabled in all regions | CIS Amazon Web Services Foundations L2 3.0.0 | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
| 5.10 Ensure system is set to hibernate | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.10.5 Enable Security Posture | CIS Google Kubernetes Engine (GKE) v1.6.1 L2 | GCP | CONFIGURATION MANAGEMENT |
| 5.11 Ensure system is set to hibernate | CIS Apple macOS 10.12 L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1 Ensure an Azure Bastion Host Exists | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1 Check for Remote Consoles | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 18.9.24.1 (BL) Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.1 (L1) Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All' | CIS Microsoft Windows Server 2022 v3.0.0 L1 Domain Controller | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.1 Ensure 'Enumeration policy for external devices incompatible with Kernel DMA Protection' is set to 'Enabled: Block All' | CIS Microsoft Windows Server 2022 STIG v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| CIS Control 2 (2.1(a)) Maintain and Inventory of Authorized Software | CAS Implementation Group 1 Audit File | Unix | CONFIGURATION MANAGEMENT |
| CIS Control 2 (2.1(b)) Maintain and Inventory of Authorized Software | CAS Implementation Group 1 Audit File | Unix | CONFIGURATION MANAGEMENT |
| Rackspace Networks and their attached subnets | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONFIGURATION MANAGEMENT |
| Rackspace Server Flavors | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONFIGURATION MANAGEMENT |
| Review the list of Ports and their details | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONFIGURATION MANAGEMENT |
