| 1.2.4 Recommended Ciphers, MACs, and Algorithms | CIS HPE Aruba Networking CX Switch v1.0.1 L1 | ArubaOS | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.4 Recommended Ciphers, MACs, and Algorithms | CIS HPE Aruba Networking CX Switch v1.0.1 Optional Security Recommendations | ArubaOS | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.2 Configure Password Encryption | CIS Cisco NX-OS v1.2.0 L2 | Cisco | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION |
| 1.6.1 TLS Check Key Usage | CIS HPE Aruba Networking CX Switch v1.0.1 L2 | ArubaOS | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.1 TLS Check Key Usage | CIS HPE Aruba Networking CX Switch v1.0.1 Optional Security Recommendations | ArubaOS | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.16 UBTU-22-231010 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.104 UBTU-24-600090 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.4.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled | CIS Apple macOS 13.0 Ventura v4.0.0 L1 | Unix | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.4.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled | CIS Apple macOS 14.0 Sonoma v3.0.0 L1 | Unix | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.4.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled | CIS Apple macOS 15.0 Sequoia v2.0.0 L1 | Unix | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.4.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled | CIS Apple macOS 26 Tahoe v1.0.0 L1 | Unix | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1.3 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7.2 Ensure Time Machine Volumes Are Encrypted | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7.2 Ensure Time Machine Volumes Are Encrypted If Time Machine Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 3.6 L2 Unix Audit v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 7 v1.2.0 L2 Windows | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 8 v1.0.0 L2 Unix | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 7 v1.2.0 L2 Unix | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 8 v1.0.0 L2 Windows | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure CloudTrail logs are encrypted at rest using KMS CMKs | CIS Amazon Web Services Foundations v7.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.6 Ensure rotation for customer-created symmetric CMKs is enabled | CIS Amazon Web Services Foundations v7.0.0 L2 | amazon_aws | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.9 Ensure that Tri-Secret Secure is enabled for the Snowflake account | CIS Snowflake Foundations v1.0.0 L2 | Snowflake | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.2 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 13.0 Ventura v4.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.2 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 15.0 Sequoia v2.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.2 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 26 Tahoe v1.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.2 Ensure all user storage CoreStorage volumes are encrypted | CIS Apple macOS 14.0 Sonoma v3.0.0 L1 | Unix | IDENTIFICATION AND AUTHENTICATION, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure Database Backups are Encrypted | CIS Microsoft SQL Server 2022 v1.2.1 L2 Database Engine | MS_SQLDB | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure Database Backups are Encrypted | CIS Microsoft SQL Server 2025 v1.0.0 L2 Database Engine | MS_SQLDB | CONTINGENCY PLANNING, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
