| 1.1.9 Disable Automounting | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | MEDIA PROTECTION |
| 1.1.42 (L1) Ensure 'Password Manager' is set to 'Disabled' | CIS Mozilla Firefox ESR GPO v1.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.3.5 Ensure AIDE is configured to use FIPS 140-2 - installed | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.5 (L1) Host integrated hardware management controller must be secure | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.17.1 (L1) Ensure 'Enable saving passwords to the password manager' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.1.1 Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On' | CIS Microsoft Azure Foundations v3.0.0 L1 | microsoft_azure | RISK ASSESSMENT |
| 3.7.1 (L1) Ensure 'Allow Print Spooler to accept client connections' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.2.22 Ensure only FIPS 140-2 ciphers are used for SSH | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.14 OAS - 'SSL Cipher Suite - Set SSL Cipher Suite. ssl_cipher_suites = SSL_RSA_WITH_3DES_EDE_CBC_SHA' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabled | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl version | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Set Strong Password Creation Policies - MINALPHA is set to 2 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.7 Ensure Firewall is active - iptables-persistent run level 2 | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8 - Managing TLS and SSL - SSLv3 disabled | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8 - Managing TLS and SSL - Supported Ciphers | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8 - Managing TLS and SSL - TLSv1 disabled | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS Control 2 (2.1(a)) Maintain and Inventory of Authorized Software | CAS Implementation Group 1 Audit File | Unix | CONFIGURATION MANAGEMENT |
| CIS_AIX_7.1_Benchmark_v2.1.0_Level_2.audit from CIS AIX 7.1 Benchmark v2.1.0 Level 2 Benchmark | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | |
| DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DTOO245 - Level 2 file extensions must be blocked and not removed. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office Open XML files | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000017 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| GEN006460 - Any NIS+ server must be operating at security level 2. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006460 - Any NIS+ server must be operating at security level 2. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| password-auth authfail unlock_time | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| review open ports and ip6tables rules | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| rpcbind exist | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| samba services exist | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| sshd maxsessions setting | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| sshd_config | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| system-auth authfail | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| system-auth pam_faillock | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| system-auth preauth | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| system-auth preauth deny | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| VCSA-80-000265 The vCenter server must disable SNMPv1/2 receivers. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VM : disable-unexposed-features-launchmenu | VMWare vSphere 6.0 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-launchmenu | VMWare vSphere 6.5 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000009 - The unexposed feature keyword isolation.tools.ghi.autologon.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000013 - The unexposed feature keyword isolation.tools.memSchedFakeSampleStats.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000016 - The unexposed feature keyword isolation.tools.dispTopoRequest.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000020 - The unexposed feature keyword isolation.tools.unityInterlockOperation.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000024 - The unexposed feature keyword isolation.tools.unity.windowContents.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000012 - The unexposed feature keyword isolation.tools.ghi.launchmenu.change must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000013 - The unexposed feature keyword isolation.tools.memSchedFakeSampleStats.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000018 - The unexposed feature keyword isolation.tools.ghi.trayicon.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000019 - The unexposed feature keyword isolation.tools.unity.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000025 - The unexposed feature keyword isolation.tools.vmxDnDVersionGet.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| xinetd.service enabled | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| ypserv.service active | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
