| 1.1.1 Enable 'aaa new-model' | CIS Cisco IOS 15 L1 v4.0.1 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 1.1.1 Enable 'aaa new-model' | CIS Cisco IOS 16 L1 v1.1.0 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 1.1.1.5 URL Syntax That Includes User name and Password: Level I Enabled - spDesign.exe | CIS MS Office 2007 v1.1.0 L1 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.1.1.5 URL Syntax That Includes User name and Password: Level I Enabled - winword.exe | CIS MS Office 2007 v1.1.0 L1 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.1.16 Ensure nosuid option set on /dev/shm partition | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.2.1 Ensure 'Permitted IP Addresses' is set to those necessary for device management | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | ACCESS CONTROL |
| 1.4.1 Enable SELinux in /etc/grub.conf 'enforcing != 0' | CIS Red Hat Enterprise Linux 5 L2 v2.2 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.4.1 Enable SELinux in /etc/grub.conf 'selinux != 0' | CIS Red Hat Enterprise Linux 5 L2 v2.2 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcing = 0 | CIS Debian 8 Workstation L2 v2.0.1 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcing = 0 | CIS Debian 8 Server L2 v2.0.1 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcing=0 | CIS Red Hat 6 Workstation L2 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - selinux = 0 | CIS Debian 8 Server L2 v2.0.1 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - selinux = 0 | CIS Debian 8 Workstation L2 v2.0.1 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - selinux=0 | CIS Red Hat 6 Workstation L2 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.7.1.2 Ensure SELinux is not disabled in bootloader configuration - selinux = 0 | CIS Oracle Linux 8 Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.10.7 (L1) Ensure 'Network access: Remotely accessible registry paths' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.3.10.7 Ensure 'Network access: Remotely accessible registry paths' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.3.10.8 Ensure 'Network access: Remotely accessible registry paths and sub-paths' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.3.18.4 Ensure 'Never allow users to specify groups when restricting permission for documents' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.1.0 L1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Application Data with requirement for world writable directories | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.8 Ensure cron is restricted to authorized users | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.8 Ensure cron is restricted to authorized users | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.9 Ensure at is restricted to authorized users | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.9 Ensure at is restricted to authorized users | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.6 Ensure access to the su command is restricted - /etc/pam.d/su | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.6 Ensure access to the su command is restricted - /etc/pam.d/su | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.10 Ensure Access to .ht* Files Is Restricted | CIS Apache HTTP Server 2.4 L1 v1.5.0 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 7.2.3 Ensure external content sharing is restricted | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.4 Ensure OneDrive content sharing is restricted | CIS Microsoft 365 Foundations E3 L2 v3.1.0 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.7 Ensure link sharing is restricted in SharePoint and OneDrive | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 9.1.7 Ensure shareable links are restricted | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION |
| 10.2 Allowlist Approved Servers Belonging to a MySQL InnoDB Cluster | CIS MySQL 8.0 Enterprise Database L2 v1.3.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 17.6.1 Ensure 'Audit Detailed File Share' is set to include 'Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 17.6.2 (L1) Ensure 'Audit File Share' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 17.6.2 Ensure 'Audit File Share' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| Big Sur - Disable Media Sharing | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL |
| Big Sur - Disable Media Sharing | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL |
| Big Sur - Disable Media Sharing | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Disable Media Sharing | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| Catalina - Disable Media Sharing - com.apple.amp.mediasharingd | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Catalina - Disable Media Sharing - com.apple.amp.mediasharingd | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Catalina - Disable Media Sharing - com.apple.amp.mediasharingd | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| Catalina - Disable Media Sharing - home-sharing-enabled | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL |
| Catalina - Disable Media Sharing - home-sharing-enabled | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL |
| IAM: Policies are attached only to groups or roles | Tenable AWS Best Practice Audit | amazon_aws | ACCESS CONTROL |
| Monterey - Disable Media Sharing | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL |
| Monterey - Disable Media Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Monterey - Disable Media Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL |
| Monterey - Disable Media Sharing | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
