| 5.3 (L1) Ensure 'Computer Browser (Browser)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.4 (L2) Ensure 'Downloaded Maps Manager (MapsBroker)' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.12 (L1) Ensure 'OpenSSH SSH Server (sshd)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 5.13 (L2) Ensure 'Peer Name Resolution Protocol (PNRPsvc)' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.13 (L2) Ensure 'Peer Name Resolution Protocol (PNRPsvc)' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.14 (L2) Ensure 'Peer Networking Grouping (p2psvc)' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.16 (L2) Ensure 'PNRP Machine Name Publication Service (PNRPAutoReg)' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.19 (L2) Ensure 'Remote Access Auto Connection Manager (RasAuto)' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.20 (L2) Ensure 'Remote Desktop Configuration (SessionEnv)' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.24 (L2) Ensure 'Remote Registry (RemoteRegistry)' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.26 (L2) Ensure 'Server (LanmanServer)' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.27 (L1) Ensure 'Simple TCP/IP Services (simptcp)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.30 (L1) Ensure 'SSDP Discovery (SSDPSRV)' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.33 (L2) Ensure 'Windows Error Reporting Service (WerSvc)' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.34 (L2) Ensure 'Windows Event Collector (Wecsvc)' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.35 (L1) Ensure 'Windows Media Player Network Sharing Service (WMPNetworkSvc)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.37 (L2) Ensure 'Windows Push Notifications System Service (WpnService)' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.39 (L2) Ensure 'Windows Remote Management (WS-Management) (WinRM)' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 5.39 (L2) Ensure 'Windows Remote Management (WS-Management) (WinRM)' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.5.8 (L2) Ensure 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.4.3 (L1) Ensure 'Turn off multicast name resolution' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.6.23.2.1 (L1) Ensure 'Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.4 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.4 (L2) Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.5 (L2) Ensure 'Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.6 (L1) Ensure 'Turn off Internet download for Web publishing and online ordering wizards' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.7 (L2) Ensure 'Turn off printing over HTTP' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.7 (L2) Ensure 'Turn off printing over HTTP' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.8 (L2) Ensure 'Turn off Registration if URL connection is referring to Microsoft.com' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.9 (L2) Ensure 'Turn off Search Companion content file updates' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.12 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.28.5 (L1) Ensure 'Turn off app notifications on the lock screen' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.35.2 (L1) Ensure 'Configure Solicited Remote Assistance' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.47.5.1 (L2) Ensure 'Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.47.11.1 (L2) Ensure 'Enable/Disable PerfTrack' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.49.1 (L2) Ensure 'Turn off the advertising ID' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.28.5 (L1) Ensure 'Turn off shell protocol protected mode' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.28.5 (L1) Ensure 'Turn off shell protocol protected mode' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.2 (L1) Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.5 (L1) Ensure 'Configure Microsoft Defender Application Guard clipboard settings: Clipboard behavior setting' is set to 'Enabled: Enable clipboard operation from an isolated session to the host' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.56.2.2 (L2) Ensure 'Disable Cloud Clipboard integration for server-to-client data transfer' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.56.3.2.1 (L2) Ensure 'Allow users to connect remotely by using Remote Desktop Services' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.56.3.3.2 (L2) Ensure 'Do not allow COM port redirection' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.56.3.3.3 (L1) Ensure 'Do not allow drive redirection' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.56.3.3.3 (L1) Ensure 'Do not allow drive redirection' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.56.3.3.7 (L2) Ensure 'Do not allow WebAuthn redirection' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 19.6.6.1.1 (L2) Ensure 'Turn off Help Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 19.7.8.4 (L2) Ensure 'Turn off all Windows spotlight features' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
