| 1.1.1 Enable 'aaa new-model' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 1.2.1.2. Attachment Previewing in Outlook: Level II Enabled | CIS MS Office 2007 v1.1.0 L2 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.2 Ensure that an exclusionary Geographic Access Policy is considered | CIS Microsoft Azure Foundations v2.1.0 L1 | microsoft_azure | ACCESS CONTROL |
| 1.4.2.1 Ensure 'TACACS+/RADIUS' is configured correctly - protocol | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration | CIS Amazon Linux 2 v1.0.0 L2 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcing = 0 | CIS Ubuntu Linux 16.04 LTS Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcing=0 | CIS CentOS 6 Server L2 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcing=0 | CIS Oracle Linux 6 Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - selinux=0 | CIS Oracle Linux 6 Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.7.1.2 Ensure SELinux is not disabled in bootloader configuration - enforcing = 0 | CIS Oracle Linux 8 Server L2 v1.0.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.7.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux = 0 | CIS Oracle Linux 7 Server L1 v3.0.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.1.3 Fortezza Certificate Policies: Not Configured | CIS MS Office 2007 v1.1.0 L1 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 4.4 Ensure Oslogin Is Enabled for a Project | CIS Google Cloud Platform v3.0.0 L1 | GCP | ACCESS CONTROL |
| 5.1 Specify a Secure Connection Authentication Type (SRVCON_AUTH) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 5.1 Specify a Secure Connection Authentication Type (SRVCON_AUTH) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL |
| 5.1.8.1 Ensure that password hash sync is enabled for hybrid deployments | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | ACCESS CONTROL |
| 5.2 Specify a Secure Authentication Type (AUTHENTICATION) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 5.10 Ensure Access to .ht* Files Is Restricted | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Allow Administrators to Modify Security Settings and System Attributes | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Disable Media Sharing | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Disable Media Sharing - com.apple.amp.mediasharingd | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Catalina - Disable Media Sharing - home-sharing-enabled | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Catalina - Enforce Approved Authorization for Logical Access | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Catalina - Enforce Approved Authorization for Logical Access | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Catalina - Enforce Approved Authorization for Logical Access | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL |
| Catalina - Enforce Approved Authorization for Logical Access | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL |
| Catalina - Enforce Approved Authorization for Logical Access | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Enforce Approved Authorization for Logical Access | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Allow Administrators to Modify Security Settings and System Attributes | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Allow Administrators to Promote Other Users to Administrator Status | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Allow Information Transfer with Other Operating Systems | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Enforce Approved Authorization for Logical Access | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Enforce Approved Authorization for Logical Access | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Monterey - Enforce Approved Authorization for Logical Access | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Monterey - Enforce Approved Authorization for Logical Access | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Monterey - Enforce Approved Authorization for Logical Access | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL |
| Monterey - Enforce Approved Authorization for Logical Access | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Monterey - Enforce Approved Authorization for Logical Access | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL |
| Monterey - Enforce Approved Authorization for Logical Access | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| Monterey - Enforce Approved Authorization for Logical Access | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
