| 2.1.1.4.1.1 (L1) Ensure 'Underline hyperlinks' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.4.7.2.3.5 (L1) Ensure 'Set document behavior if file validation fails' is set to 'Unchecked: Do not allow edit' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.5 Review Undocumented (Underscore) Parameters Not Set To 'DEFAULT' Values | CIS Oracle Database 23ai v1.0.0 L1 RDBMS | OracleDB | CONFIGURATION MANAGEMENT |
| 2.3.10.12 (L1) Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 2.3.15.1 (L1) Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 2.3.19.3 (L1) Ensure 'Always require users to connect to verify permission' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.39.2 (L1) Ensure 'Automatically receive small updates to improve reliability' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5 Set Update Wait Time Prompt | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.1.2.4 (L1) Ensure 'Restrict level of calendar details users can publish' is set to 'Enabled: Disables Full details and Limited details' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.14.3.4 (L1) Ensure 'Outlook Security Mode' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.6.6.6.2.3.2 (L2) Ensure 'Disable all trusted locations' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.3.1 (L1) Ensure 'Hidden text' is set to 'Enabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.3.1 (L1) Ensure 'Allow Trusted Locations on the network' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.4 Enable Warning For 'Phishy' URLs | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 4.1.1 Ensure cron daemon is enabled and active | CIS Debian 10 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.7.3 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.11.5.1 (L1) Ensure 'Do not preserve zone information in file attachments (User)' is set to 'Disabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 6.2 Do Not Accept Third Party Cookies | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.2.1 (L1) Ensure all forms of mail forwarding are blocked and/or disabled | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 6.2.3 (L1) Ensure email from external senders is identified | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 6.3 Tracking Protection - privacy.trackingprotection.enabled | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.5.2 (L1) Ensure MailTips are enabled for end users | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 7.3.2 (L2) Ensure OneDrive sync is restricted for unmanaged devices | CIS Microsoft 365 Foundations v5.0.0 L2 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 8.1.2 (L1) Ensure users can't send emails to a channel email address | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 18.1.1.1 (L1) Ensure 'Prevent enabling lock screen camera' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.2 (L1) Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.1.1.2 (L1) Ensure 'Prevent enabling lock screen slide show' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.7.3 (L1) Ensure 'Configure RPC connection settings: Protocol to use for outgoing RPC connections' is set to 'Enabled: RPC over TCP' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.7.4 (L1) Ensure 'Configure RPC connection settings: Use authentication for outgoing RPC connections' is set to 'Enabled: Default' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.8 (L1) Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.7.8 (L1) Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.8 (L1) Ensure 'Configure RPC packet level privacy setting for incoming connections' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.7.13 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.13 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.8.2 (L2) Ensure 'Remove Personalized Website Recommendations from the Recommended section in the Start Menu' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.2 (L2) Ensure 'Remove Personalized Website Recommendations from the Recommended section in the Start Menu' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.9.27.1 (L2) Ensure 'Disallow copying of user input methods to the system account for sign-in' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.9.1.1 (L1) Ensure 'Configure enhanced anti-spoofing' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.10.9.1.1 (L1) Ensure 'Configure enhanced anti-spoofing' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 19.7.5.1 (L1) Ensure 'Do not preserve zone information in file attachments' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| Allow unconfigured sites to be reloaded in Internet Explorer mode | MSCT Edge v137 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Edge Website Typo Protection | MSCT Edge v133 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Configure Edge Website Typo Protection | MSCT Edge v135 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enable browser legacy extension point blocking | MSCT Edge v137 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Enable site isolation for every site | MSCT Edge v136 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
