| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 7 v1.2.0 L1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.9.5 (L1) Ensure 'Microsoft network server: Server SPN target name validation level' is set to 'Accept if provided by client' or higher (MS only) | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.27.4 Ensure 'ActiveX Control Initialization' is set to 'Enabled: 6' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.27.15 Ensure 'Load Controls in Forms3' is set to 'Enabled: 4' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.27.18 Ensure 'Protect document metadata for rights managed Office Open XML Files' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.31.2 Ensure 'Suppress external signature services menu item' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.1.2.1 Ensure 'Authentication with Exchange server' is set to 'Enabled: Kerberos Password Authentication' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 2.5.1.6.1 Ensure 'Download full text of articles as HTML attachments' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.1.6.2 Ensure 'Synchronize Outlook RSS Feeds with Common Feed List' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.9.2.1 Ensure 'PST Null Data on Delete' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | MEDIA PROTECTION |
| 2.5.10.8.1.2.4 Ensure 'Restrict level of calendar details users can publish' is set to 'Enabled: Disables Full details and Limited details' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.4.1 Ensure 'Add e-mail recipients to users' Safe Senders Lists' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.4.2 Ensure 'Hide Junk Mail UI' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.10.8.4.4 Ensure 'Trust e-mail from contacts' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.11.1 Ensure 'Turn off Outlook Social Connector' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.1.3 Ensure 'Display pictures and external content in HTML e-mail' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.2.1.2 Ensure 'Missing CRLs' is set to 'Enabled: Error' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.5.14.2.2 Ensure 'Do not display 'Publish to GAL' button' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.14.2.3 Ensure 'Do not provide Continue option on Encryption warning dialog boxes' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.1.2 Ensure 'Display Level 1 attachments' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.1.4 Ensure 'Do not prompt about Level 1 attachments when sending an item' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.14.3.2.2 Ensure 'Set Outlook object model custom actions execution prompt' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.3.2 Ensure 'Configure Outlook object model prompt when accessing an address book' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.3.4 Ensure 'Configure Outlook object model prompt when executing Save As' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.3.5 Ensure 'Configure Outlook object model prompt when reading address information' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.3.3.7 Ensure 'Configure Outlook object model prompt when sending mail' is set to 'Enabled: Automatically Deny' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.14.5 Ensure 'Allow Active X One Off Forms' is set to 'Enabled: Load only Outlook Controls' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.2.2.1 Ensure 'Do not open files from the Internet zone in Protected View' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.2.2.5 Ensure 'Turn off Protected View for attachments opened from Outlook' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.6.6.2.5 Ensure 'Disable Trust Bar Notification for unsigned application add-ins and block them' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.6.6.6.2.7 Ensure 'Trust Access to Visual Basic Project' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.4 Ensure 'Run Programs' is set to 'Enabled: disable (don't run any programs)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.7 Ensure 'Unblock automatic download of linked images' is set to 'Disabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8.4.1.4 Ensure 'VBA Macro Notification Settings' is set to 'Enabled: Disable all except digitally signed macros' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.8.4.2 Ensure 'Publisher Automation Security Level' is set to 'Enabled: By UI (prompted)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Ensure that role-based access control is enabled and configured appropriately | CIS MongoDB 7 v1.2.0 L1 MongoDB | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 7 v1.2.0 L2 Unix | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.4 Ensure that new entries are appended to the end of the log file | CIS MongoDB 7 v1.2.0 L2 Unix | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 7 v1.2.0 L2 Unix | Unix | CONFIGURATION MANAGEMENT |
| 7.2 Ensure appropriate database file permissions are set. | CIS MongoDB 7 v1.2.0 L1 Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 18.8.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.7.1.2 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A' | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | MEDIA PROTECTION |
| CIS Control 13 (13.6) Encrypt Mobile Device Data | CAS Implementation Group 1 Audit File | Unix | ACCESS CONTROL |
| CIS_Apache_Tomcat_9_L2_v1.2.0.audit from CIS Apache Tomcat 9 Benchmark | CIS Apache Tomcat 9 L2 v1.2.0 | Unix | |
| CIS_Cisco_IOS_15_v4.1.1_Level_1.audit from CIS Cisco IOS 15 Benchmark | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | |
| CIS_Debian_Linux_9_Workstation_v1.0.1_L1.audit from CIS Debian Linux 9 Benchmark | CIS Debian 9 Workstation L2 v1.0.1 | Unix | |
| CIS_IBM_DB2_9_Benchmark_v3.0.1_Level_1_OS_Linux.audit from CIS IBM DB2 9 Benchmark v3.0.1 | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | |
| CIS_IBM_DB2_11_v1.1.0_Level_1_OS_Windows.audit from CIS IBM DB2 11 v1.1.0 Benchmark | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | |
| CIS_Microsoft_Edge_v3.0.0_L2.audit from CIS Microsoft Edge Benchmark v3.0.0 | CIS Microsoft Edge v3.0.0 L2 | Windows | |
| CIS_VMware_ESXi_6.7_v1.3.0_L2_Bare_Metal.audit from CIS VMware ESXi 6.7 Benchmark v1.3.0 | CIS VMware ESXi 6.7 v1.3.0 Level 2 Bare Metal | Unix | |
