| 1.1.1.1 Ensure mounting of cramfs filesystems is disabled - modprobe | CIS Red Hat EL7 Server L1 v3.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.3 Ensure mounting of jffs2 filesystems is disabled - modprobe | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.9 Ensure 'Developer Options' is set to 'Disabled' | AirWatch - CIS Google Android v1.3.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 172.16/12; addresses | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 3.1 Ignore Erroneous or Unwanted Queries - RFC 1918 192.168/16; addresses | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 3.1.2 Ensure wireless interfaces are disabled | CIS Red Hat EL7 Server L1 v3.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.4 Restrict Queries of the Cache - Caching Only | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3.2.6 Ensure iptables is enabled and running - enabled | CIS Red Hat EL7 Server L1 v3.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3.3.6 Ensure ip6tables is enabled and running - enabled | CIS Red Hat EL7 Server L1 v3.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.16 Configure Mail Transfer Agent for Local-Only Mode - O DaemonPortOptions=Port=smtp, Addr=127.0.0.1, Name=MTA | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.11 Ensure no users have .forward files | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.14 Ensure no users have .rhosts files | CIS Ubuntu Linux 18.04 LTS Workstation L1 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.14 Ensure no users have .rhosts files | CIS Ubuntu Linux 18.04 LTS Server L1 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 18.5.9.1 Ensure 'Turn on Mapper I/O (LLTDIO) driver' is set to 'Disabled' - AllowLLTDIOOndomain | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.9.2 Ensure 'Turn on Responder (RSPNDR) driver' is set to 'Disabled' - AllowRspndrOnPublicNet | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.5.20.1 Ensure 'Configuration of wireless settings using Windows Connect Now' is set to 'Disabled' - DisableInBand802DOT11Registrar | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.22.1.9 Ensure 'Turn off Search Companion content file updates' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| Android Compliance Policy - Block apps from unknown sources | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Android Device Configuration - Google backup | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Android Work Profile Device Configuration - Add and remove accounts | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Android Work Profile Device Configuration - Contact sharing via Bluetooth | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Android Work Profile Device Configuration - Work profile notifications while device locked | Tenable Best Practices for Microsoft Intune Android v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Enable SSH Server for Remote Access Sessions | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| Disable Automounting | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows Server 1903 MS v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 1909 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v2004 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v1507 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows 10 v21H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Do not allow drive redirection | MSCT Windows Server 1903 DC v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Ensure rsh server is not enabled - rexec | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure rsh server is not enabled - rlogin | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure rsh server is not enabled - rsh | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| iOS Device Management - AirDrop | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Block iCloud Document sync | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Camera | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Changes to app cellular data usage settings | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Configuration profile changes | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Device name modification | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Game Center | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Passcode modification | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Safari fraud warnings | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Share usage data | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Simple passwords | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Today view while device locked | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Viewing corporate documents in unmanaged apps | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| iOS Device Management - Wallet notifications while device locked | Tenable Best Practices for Microsoft Intune iOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| macOS Compliance Policy - Block Simple Passwords | Tenable Best Practices for Microsoft Intune macOS v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WA000-WI035 - The IISADMPWD directory has not been removed from the Web Server. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| Windows Device Configuration - Removable storage | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
