| 1.1.4 Ensure nodev option set on /tmp partition | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.7 Ensure noexec option set on /dev/shm partition | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.8 Ensure nodev option set on /dev/shm partition | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.20 Ensure removable media partitions include noexec option | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.2.2 Ensure package manager repositories are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.3 Ensure gpgcheck is globally activated | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.3.1 Ensure AIDE is installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.4 Ensure prelink is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.6.1.1 Ensure SELinux is installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.6.1.3 Ensure SELinux policy is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.7.1 Ensure message of the day is configured properly | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.1.1 Ensure xinetd is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1.1 Ensure time synchronization is in use | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.5 Ensure DHCP Server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.7 Ensure DNS Server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure Samba is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.12 Ensure HTTP Proxy Server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.15 Ensure telnet-server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.19 Ensure rsync is not installed or the rsyncd service is masked | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.3.3 Ensure talk client is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.1.2 Ensure wireless interfaces are disabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.4 Ensure secure ICMP redirects are not accepted | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.3.6 Ensure broadcast ICMP requests are ignored | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.8 Ensure Reverse Path Filtering is enabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.5.1.1 Ensure firewalld is installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1.4 Ensure firewalld service enabled and running | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.5.1.6 Ensure network interfaces are assigned to appropriate zone | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.2.2 Ensure firewalld is either not installed or masked with nftables | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.2.10 Ensure nftables service is enabled | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3.1.3 Ensure firewalld is either not installed or masked with iptables | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3.3.4 Ensure ip6tables default deny firewall policy | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3.3.6 Ensure ip6tables is enabled and running | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.1.3 Ensure rsyslog default file permissions configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.3 Ensure logrotate is configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.6 Ensure permissions on /etc/cron.monthly are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.7 Ensure permissions on /etc/cron.d are configured | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 18.10.15.3 (L1) Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.3 Ensure 'Prevent the use of security questions for local accounts' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-protocolhandler | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-shellaction | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-toporequest | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-trashfolderstate | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity-interlock | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity-taskbar | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-unity-unityactive | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-versionget | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VM : disable-unexposed-features-versionset | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
