| 1.2 Use IP address rather than hostname | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | CONFIGURATION MANAGEMENT |
| 2.1 Enable Secure Admin Access - 'ssh.port = 22' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.3.2 - MobileIron - Require Use Only in Mail for Sensitive Mail Accounts - EMAIL Configurations | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 2.4.2 Disable Internet Sharing | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.5.1 Disable 'Wake for network access' | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | ACCESS CONTROL |
| 2.19 Disable Mounting of freevxfs Filesystems | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.20 Disable Mounting of jffs2 Filesystems | CIS Debian Linux 7 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.16 Disable database discovery | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.17 Reserve the desired port number or name for incoming connection requests | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| 3.1.18 Reserve the desired port number or name for incoming SSL connections | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | CONFIGURATION MANAGEMENT |
| 3.3.2 Set a generic system name | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | CONFIGURATION MANAGEMENT |
| 3.7 Verify that Docker environment file ownership is set to root:root | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 3.20 Verify that TLS CA certificate file permissions are set to 444 or more restrictive | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.7 Enable cron Logging - Check if permissions for /var/cron/log are OK. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 NFS - 'nfs.v4.write_delegation = on' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 6.5 Configure Network Time Protocol (NTP) - restrict -6 default kod nomodify notrap nopeer noquery | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.7 Set Default Screen Lock for CDE Users - Check if file permissions for files under /etc/dt/config/*/sys.resources are OK. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.4.3 Verify Permissions on /etc/hosts.allow | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.5 Set "mesg n" as Default for All Users - /etc/profile mesg = n | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1 Create Warnings for Standard Login Services - etc/motd perms | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1 Create Warnings for Standard Login Services - etc/issue perms | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.1.18 Make the Audit Configuration Immutable | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.2 Restrict access to starting and stopping the DB2 administration server | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux | Unix | ACCESS CONTROL |
| 8.2.4 Create and Set Permissions on rsyslog Log Files - /var/log/news/news.notice | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.4 Create warnings for FTP daemon - Check if permissions for /etc/ftpd/banner.msg are OK. Applicable only for Solaris 2.6 or later | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 9.1.4 Set User/Group Owner and Permission on /etc/cron.daily | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3.3 Set Permissions on /etc/ssh/sshd_config | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3.10 Do Not Allow Users to Set Environment Options | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.9 Check Permissions on User .netrc Files | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.14 Check User Home Directory Ownership | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 11.1 Set Warning Banner for Standard Login Services - /etc/motd.tail permissions | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | ACCESS CONTROL |
| 11.2 Remove OS Information from Login Warning Banners - /etc/issue | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.7 Check Permissions on User Home Directories | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.9 Check Permissions on User .netrc Files | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.12 Check That Users Are Assigned Valid Home Directories | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 13.13 Check User Home Directory Ownership | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| Adtran : Disable SSID Broadcast | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| FireEye - CLI commands do not hide any settings from administrators | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| Fortigate - Use non default admin access ports - 'HTTPS' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| IBM i : Scan File Systems (QSCANFS) - '*ROOTOPNUD' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | CONFIGURATION MANAGEMENT |
| OpenStack Identity - strict permissions set for Identity configuration files - /etc/keystone/policy.json | TNS OpenStack Keystone/Identity Security Guide | Unix | CONFIGURATION MANAGEMENT |
| OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/logging.conf | TNS OpenStack Keystone/Identity Security Guide | Unix | CONFIGURATION MANAGEMENT |
| OpenStack Identity - user/group ownership of config files set to keystone - /etc/keystone/ssl/certs/ca.pem | TNS OpenStack Keystone/Identity Security Guide | Unix | CONFIGURATION MANAGEMENT |
| OpenStack Networking - strict permissions set for Compute configuration files - /etc/neutron/api-paste.ini | TNS OpenStack Neutron/Networking Security Guide | Unix | CONFIGURATION MANAGEMENT |
| OpenStack Networking - user/group ownership of config files set to root/neutron - /etc/neutron/neutron.conf | TNS OpenStack Neutron/Networking Security Guide | Unix | CONFIGURATION MANAGEMENT |
| SonicWALL - AAA - RADIUS server is trusted | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Use non default admin access ports - HTTP | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| Use a static IP on the management network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Identify a network interface to be used for storage access | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
