| 1.1.3.6.4 Set 'Interactive logon: Do not display last user name' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1.3.15.1 Set 'System objects: Strengthen default permissions of internal system objects (e'g' Symbolic Links)' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2 Use IP address rather than hostname | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | CONFIGURATION MANAGEMENT |
| 1.2.3.1.4 Set 'Turn off the 'Publish to Web' task for files and folders' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.3.3.3 Set 'Require a Password When a Computer Wakes (Plugged In)' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.3.3.4 Set 'Require a Password When a Computer Wakes (On Battery)' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.2.9 Set 'Allow Standby States (S1-S3) When Sleeping (On Battery)' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.2.4.18 Configure 'Prevent the computer from joining a homegroup' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.3.1 Ensure that the --terminated-pod-gc-threshold argument is set as appropriate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.3 Ensure that the config file permissions are set to 644 or more restrictive | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.5 Ensure that the scheduler file permissions are set to 644 or more restrictive | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.6 Ensure that the scheduler file ownership is set to root:root | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.7 Ensure that the etcd pod specification file permissions are set to 644 or more restrictive | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.8 Ensure that the etcd pod specification file ownership is set to root:root | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.8 Ensure that the etcd.conf file ownership is set to root:root | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.10 Ensure that the Container Network Interface file ownership is set to root:root | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.13 Ensure that the admin.conf file permissions are set to 644 or more restrictive | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.21 Ensure that the Kubernetes PKI key file permissions are set to 600 | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.8 Place compensating controls in the form of PSP and RBAC for privileged containers usage - clusterrolebinding | CIS Kubernetes 1.11 Benchmark v1.3.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 1.7.4 Do not admit containers wishing to share the host network namespace | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure that the kubelet.conf file ownership is set to root:root | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.3 Ensure that the kubelet file permissions are set to 644 or more restrictive | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.3 Ensure that the kubelet service file permissions are set to 644 or more restrictive | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.3 Ensure that the kubelet service file permissions are set to 644 or more restrictive | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure that the kubelet service file ownership is set to root:root | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure that the kubelet service file ownership is set to root:root | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.5 Ensure that the proxy file permissions are set to 644 or more restrictive | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.5 Ensure that the proxy kubeconfig file permissions are set to 644 or more restrictive | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Set 'Notify antivirus programs when opening attachments' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.8 Require instance name for discovery requests | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.2 Set a generic system name | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| 3.4 Verify that docker-registry.service file permissions are set to 644 or more restrictive | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.9 Verify that docker-network environment file ownership is set to root:root | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.17 Verify that registry certificate file ownership is set to root:root | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.18 Verify that registry certificate file permissions are set to 444 or more restrictive | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.19 Ensure that /etc/default/docker file ownership is set to root:root | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.25 Verify that Docker socket file ownership is set to root:docker - /var/run/docker.sock | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.2 Set a default secure level | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
| 5.3 Enable Automatic Database Maintenance | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | CONFIGURATION MANAGEMENT |
| 5.26 Ensure container health is checked at runtime | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 6.3 Disable 'nobody' Access for RPC Encryption Key Storage Service - Check if 'ENABLE_NOBODY_KEYS' is set to NO. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Restrict at/cron to authorized users (/etc/crontab permissions) | CIS FreeBSD v1.0.5 | Unix | CONFIGURATION MANAGEMENT |
| 7.5 Ensure Docker's secret management commands are used for managing secrets in a Swarm cluster | CIS Docker Community Edition v1.1.0 L2 Docker | Unix | CONFIGURATION MANAGEMENT |
| 11.2 Remove OS Information from Login Warning Banners - /etc/issue.net | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.12 Check That Users Are Assigned Valid Home Directories | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| Outlook Security Mode | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Set document behavior if file validation fails - excel | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off file validation - excel | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off heap termination on corruption | MSCT Windows Server 2019 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off heap termination on corruption | MSCT Windows 10 1803 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
