| 1.1.38 (L1) Ensure 'Minimum SSL version enabled' is set to 'Enabled: TLS 1.2' | CIS Mozilla Firefox ESR GPO v1.0.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2 Set 'Allow Active X One Off Forms' to 'Enabled:Load only Outlook Controls' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.7 Ensure logging data is monitored | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | AUDIT AND ACCOUNTABILITY |
| 2.0 Install & Config - 'Disable FilerView HTTP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SNMPv1' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SNMPv3' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SSHv1' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SSLv2' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.0 Install & Config - 'Disable Telnet' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable TFTP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Enable FilerView HTTPS' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.0 Install & Config - 'Enable SSHv2' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 3.10.9.1.3 (BL) Ensure 'Prevent installation of devices that match any of these device IDs: Prevent installation of devices that match any of these device IDs' is set to 'PCI\CC_0C0A' | CIS Microsoft Intune for Windows 10 v3.0.1 BitLocker (BL) | Windows | MEDIA PROTECTION |
| 4.5 Set Security TLS Version Minimum | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Set Security TLS Version Minimum | CIS Mozilla Firefox 102 ESR Windows L1 v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'cifs.smb2.durable_handle.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.4 CIFS - 'cifs.smb2.durable_handle.timeout' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 6.17 Ensure Biosdevname is not enabled | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.4 Ensure TLS 1.0 is disabled | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure TLS 1.0 is enabled | CIS IIS 7 L1 v1.8.0 | Windows | |
| 7.4 Ensure TLS 1.0 is enabled - DisabledByDefault | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure TLS 1.0 is enabled - enabled | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2.8 (L1) Ensure PCI and PCIe device passthrough is disabled | CIS VMware ESXi 7.0 v1.4.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.2.8 Ensure PCI and PCIe device passthrough is disabled | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 20.25 Ensure 'Domain-joined systems have a Trusted Platform Module (TPM) enabled and ready for use' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.25 Ensure 'Domain-joined systems have a Trusted Platform Module (TPM) enabled and ready for use' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.25 Ensure 'Domain-joined systems have a Trusted Platform Module (TPM) enabled and ready for use' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.25 Ensure 'Domain-joined systems have a Trusted Platform Module (TPM) enabled and ready for use' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.25 Ensure 'Domain-joined systems have a Trusted Platform Module (TPM) enabled and ready for use' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| Allow Active X One Off Forms | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow Active X One Off Forms | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow Active X One Off Forms | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow Active X One Off Forms | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow Active X One Off Forms | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow Active X One Off Forms | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow Active X One Off Forms | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001120 - A BIND 9.x server must implement NIST FIPS-validated cryptography for provisioning digital signatures and generating cryptographic hashes. | DISA BIND 9.x STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI014 - The IE TLS parameter must be set correctly. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO234 - ActiveX One-Off forms must be configured. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO234 - ActiveX One-Off forms must be configured. | DISA STIG Microsoft Outlook 2013 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO234 - Outlook - Active X One-Off forms must be configured. | DISA STIG Office 2010 Outlook v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-011500 - The MySQL Database Server 8.0 must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-011500 - The MySQL Database Server 8.0 must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-OU-000007 - Active X One-Off forms must only be enabled to load with Outlook Controls. | DISA STIG Microsoft Office 365 ProPlus v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-CM-000015 - Digital signature algorithm used for DNSSEC-enabled zones must be FIPS-compatible. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN10-EP-000310 - Windows 10 Kernel (Direct Memory Access) DMA Protection must be enabled. | DISA Windows 10 STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-EP-000310 - Windows 11 Kernel (Direct Memory Access) DMA Protection must be enabled. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN16-00-000100 - Windows Server 2016 domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use. | DISA Windows Server 2016 STIG v2r9 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000090 - Windows Server 2019 domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000090 - Windows Server 2022 domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use. | DISA Microsoft Windows Server 2022 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
