| 1.1 (L1) Ensure 'Open 'safe' files after downloading' is 'Disabled' | CIS MacOS Safari v2.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.1.14 Ensure 'Restrict ActiveX Install' is set to Enabled - groove.exe | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Ensure 'Blocked File Types' is configured to match the enterprise blacklist | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.2 Ensure 'Default geolocation setting' is set to 'Enabled: Do not allow any site to track the users' physical location' | CIS Google Chrome L1 v2.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.16 Ensure 'Enable URL-keyed anonymized data collection' is set to 'Disabled' | CIS Google Chrome L1 v2.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Set 'Restrict ActiveX Install' to 'Enabled' - explorer.exe | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Set 'Restrict ActiveX Install' to 'Enabled'-iexplore.exe | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Set 'Consistent Mime Handling' to 'Enabled' - (Reserved) | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Set 'Mime Sniffing Safety Feature' to 'Enabled' - iexplore.exe | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1.28 Set 'Enable dragging of content from different domains across windows' to 'Enabled:Disable' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1.28 Set 'Enable dragging of content from different domains across windows' to 'Enabled:Disable' | CIS IE 11 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.35 Set 'Enable dragging of content from different domains within a window' to 'Enabled:Disable' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.40 Set 'Enable dragging of content from different domains across windows' to 'Enabled:Disable' | CIS IE 10 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.8.1 Ensure 'Disallow Autoplay for non-volume devices' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.8.2 Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.8.2 Ensure 'Turn off Autoplay' is set to 'Enabled: All drives' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.59.1 Ensure 'Prevent downloading of enclosures' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.59.1 Ensure 'Prevent downloading of enclosures' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.59.1 Ensure 'Prevent downloading of enclosures' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 19.7.44.2.1 Ensure 'Prevent Codec Download' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow loading of XAML files - Internet Zone | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow loading of XAML files - Restricted Sites Zone | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| BSI-100-2: S 4.57: Disabling automatic CD-ROM recognition | BSI-100-2 Windows 2005 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disallow Autoplay for non-volume devices | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Disallow Autoplay for non-volume devices | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable dragging of content from different domains across windows - Internet Zone | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable dragging of content from different domains across windows - Restricted Sites Zone | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable dragging of content from different domains across windows - Restricted Sites Zone | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable dragging of content from different domains within a window - Internet Zone | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable dragging of content from different domains within a window - Internet Zone | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable dragging of content from different domains within a window - Restricted Sites Zone | MSCT Windows Server 2016 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable dragging of content from different domains within a window - Restricted Sites Zone | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - Consistent Mime Handling - explorer.exe | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - Consistent Mime Handling - iexplore.exe | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - explorer.exe - Consistent Mime Handling | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - (Reserved) | MSCT Windows Server 2016 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - explorer.exe | MSCT Windows Server 2016 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - explorer.exe | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - explorer.exe | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - iexplore.exe | MSCT Windows Server 2016 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - iexplore.exe | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_SNIFFING - explorer.exe | MSCT Windows Server 2016 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_SNIFFING - iexplore.exe | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_RESTRICT_ACTIVEXINSTALL - (Reserved) | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_RESTRICT_ACTIVEXINSTALL - (Reserved) | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - iexplore.exe - Restrict ActiveX Install | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - Mime Sniffing Safety Feature - explorer.exe | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - Mime Sniffing Safety Feature - iexplore.exe | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - Restrict ActiveX Install - (Reserved) | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Set the default behavior for AutoRun | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
