| 1.1.2.1.1 Ensure /tmp is a separate partition | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.3 (L1) Host hardware must enable Intel TXT, if available | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.4 (L1) Host hardware must enable and configure a TPM 2.0 | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.5.5 Ensure Automatic Error Reporting is not enabled | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.6 (L1) Host integrated hardware management controller must enable time synchronization | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 2.1.19 Ensure xinetd services are not in use | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.2.5 Ensure LDAP server is not installed | CIS Debian 10 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.6 Ensure NFS is not installed | CIS Debian 10 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure nonessential services are removed or masked | CIS Debian 10 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.3 Ensure bogus icmp responses are ignored | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.3.3 Ensure secure ICMP redirects are not accepted | CIS Debian 10 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.7 Ensure reverse path filtering is enabled | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.3.10 Ensure tcp syn cookies is enabled | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 4.2.12 Ensure SSH X11 forwarding is disabled | CIS Debian 10 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2 (L1) Ensure the ESXi shell is disabled | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 5.5 (L2) Host should deactivate virtual hardware management network interfaces | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 5.7 (L1) Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.14 (L1) Ensure 'OpenSSH SSH Server (sshd)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.31 (L1) Ensure 'Special Administration Console Helper (sacsvr)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.33 (L1) Ensure 'UPnP Device Host (upnphost)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.45 (L1) Ensure 'Xbox Live Auth Manager (XblAuthManager)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.47 (L1) Ensure 'Xbox Live Networking Service (XboxNetApiSvc)' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 6.1.1 (L1) Host CIM services, if enabled, must limit access | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 6.5.4 (L1) Host SSH daemon, if enabled, must not allow host-based authentication | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.5 (L1) Host SSH daemon, if enabled, must set a timeout count on idle sessions | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.7 (L1) Host SSH daemon, if enabled, must display the system login banner before granting access | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.11 (L1) Host SSH daemon, if enabled, must not permit tunnels | CIS VMware ESXi 8.0 v1.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 7.10 (L1) Virtual machines must remove unnecessary audio devices | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 7.14 (L1) Virtual machines must remove unnecessary parallel port devices | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.2.3 (L1) Ensure unnecessary parallel ports are disconnected | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.2.6 (L1) Ensure unauthorized modification and disconnection of devices is disabled | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.2.7 (L1) Ensure unauthorized connection of devices is disabled | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.7 (L2) Ensure Unity Window Contents is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.8 (L2) Ensure Unity Push Update is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.12 (L2) Ensure Request Disk Topology is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.18 (L2) Ensure Host Guest File System Server is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.22 (L1) Ensure VM Console Drag and Drop operations is disabled | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.23 (L1) Ensure VM Console GUI Options is disabled | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.5.2 (L2) Ensure hardware-based 3D acceleration is disabled and mks.enable3d is set to "False" | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.15 (L2) VMware Tools must deactivate Guest Operations unless required | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 18.6.23.2.1 (L1) Ensure 'Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.13.3 (L1) Ensure 'Turn off Microsoft consumer experiences' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.13.3 (L1) Ensure 'Turn off Microsoft consumer experiences' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.18.4 (L1) Ensure 'Enable App Installer Local Archive Malware Scan Override' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.29.5 (L1) Ensure 'Turn off shell protocol protected mode' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.51.1 (L1) Ensure 'Prevent the usage of OneDrive for file storage' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.3.3.3 (L1) Ensure 'Do not allow drive redirection' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.59.5 (L1) Ensure 'Allow indexing of encrypted files' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.78.1 (L1) Ensure 'Enables or disables Windows Game Recording and Broadcasting' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
