| 1.1.2.3 Ensure noexec option set on /tmp partition | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.4 Ensure nosuid option set on /tmp partition | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.4.4 Ensure nodev option set on /var/tmp partition | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.6.3 Ensure nodev option set on /var/log/audit partition | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.6.4 Ensure nosuid option set on /var/log/audit partition | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.6.1.1 Ensure SELinux is installed | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.6.1.2 Ensure SELinux is not disabled in bootloader configuration | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.7.4 Ensure permissions on /etc/motd are configured | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.8 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.1.11 Ensure 'Allow Handoff' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L2 End User Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3.1 Ensure NGINX directories and files are owned by root | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3.2 Ensure access to NGINX directories and files is restricted | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3.2 Ensure access to NGINX directories and files is restricted | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3.3 Ensure the NGINX process ID (PID) file is secured | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3.10.11 Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None' - None | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3.10.11 Ensure 'Network access: Shares that can be accessed anonymously' is set to 'None' - None | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 2.6.2 Ensure Guest Access to Shared Folders Is Disabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.12.2 Ensure Guest Access to Shared Folders Is Disabled | CIS Apple macOS 15.0 Sequoia v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.1.21 Ensure 'Allow documents from managed sources in unmanaged destinations' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.3 Ensure 'log_error' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.3.1 Ensure 'Managed Safari Web Domains' is 'Configured' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 8.0 Enterprise Linux OS L1 v1.3.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure 'relay_log_basename' Files Have Appropriate Permissions | CIS MySQL 8.0 Enterprise Linux OS L1 v1.3.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure Access to Audit Records Is Controlled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure Access to Audit Records Is Controlled | CIS Apple macOS 13.0 Ventura v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Ensure 'general_log_file' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7 Ensure SSL Key Files Have Appropriate Permissions | CIS MySQL 8.0 Enterprise Linux OS L1 v1.3.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure 'audit_log_file' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Secure MySQL Keyring | CIS MySQL 8.0 Enterprise Linux OS L1 v1.3.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.3 Ensure private key permissions are restricted | CIS NGINX Benchmark v2.1.0 L1 Loadbalancer | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.3 Ensure private key permissions are restricted | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started With '--skip-grant-tables' - --skip-grant-tables | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - /etc/mysql/my.cnf | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started With '--skip-grant-tables' - %WINDIR%\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - Doesn't exist | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - MYSQL_INSTALL\my.ini | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - SYSCONFDIR/my.cnf | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started With '--skip-grant-tables' - SYSCONFDIR/my.cnf | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1 Ensure Home Folders Are Secure | CIS Apple macOS 15.0 Sequoia v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.4 Ensure Appropriate Permissions Are Enabled for System Wide Applications | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure Appropriate Permissions Are Enabled for System Wide Applications | CIS Apple macOS 14.0 Sonoma v2.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4 Ensure SSH access is limited | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.4 Ensure Guest Access to Shared Folders Is Disabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
