| 1.1 Keep ESXi system properly patched | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 1.2 Verify Image Profile and VIB Acceptance Levels | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 1.3 Verify no unauthorized kernel modules are loaded on the host | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 2.3.5.3 (L1) Ensure 'Domain controller: LDAP server channel binding token requirements' is set to 'Always' (DC Only) | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Do not use default self-signed certificates for ESXi communication | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 2.5 Disable client facing Stack Traces - check for defined exception type | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 4.2 Restrict access to $CATALINA_BASE | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.12 Restrict access to Tomcat server.xml | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2 Use LockOut Realms | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 5.6 Remove keys from SSH authorized_keys file | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 5.7 Set a timeout to automatically terminate idle ESXi Shell and SSH sessions | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 6.1 Setup Client-cert Authentication | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.3 Ensure scheme is set accurately | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web application | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.5 Ensure that port groups are not configured to VLAN values reserved by upstream physical switches | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 7.6 Ensure directory in logging.properties is a secure location - check log directory location | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL |
| 8.2.2 Disconnect unauthorized devices - CD/DVD Devices | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | |
| 8.2.6 Prevent unauthorized removal and modification of devices. | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 8.4.10 Disable Unity Window Contents | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.25 Disable VM Console Drag and Drop operations | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.27 Disable VM Console Paste operations | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.28 Control access to VM console via VNC protocol | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.6.2 Disable virtual disk shrinking | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.2 Limit number of VM log files | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 8.7.4 Limit VM log file size | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 10.5 Rename the manager application - host-manager/manager.xml | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.7 Turn off session facade recycling | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.8 Do not allow additional path delimiters - ALLOW_ENCODED_SLASH | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.9 Configure connectionTimeout | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.12 Do not allow symbolic linking | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 10.17 Setting Security Lifecycle Listener - check for umask present in startup | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL |
| CIS_Amazon_Linux_2_STIG_v2.0.0_L2_Server.audit from CIS Amazon Linux 2 STIG Benchmark v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 L2 Server | Unix | |
| CIS_CentOS_8_Server_L2_v2.0.0.audit from CIS CentOS Linux 8 Benchmark v2.0.0 | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | |
| CIS_IBM_AIX_7_v1.1.0_L2.audit from CIS IBM AIX 7 Benchmark v1.1.0 | CIS IBM AIX 7 v1.1.0 L2 | Unix | |
| CIS_Mozilla_Firefox_38_ESR_v1.0.0_Windows_Level2.audit for CIS Mozilla Firefox 38 ESR v1.0.0 | CIS Mozilla Firefox 38 ESR Windows L2 v1.0.0 | Windows | |
| CIS_MySQL_5.7_Enterprise_Benchmark_v2.0.0_Level_2_OS_MS.audit from CIS Oracle MySQL 5.7 Enterprise Edition Benchmark | CIS MySQL 5.7 Enterprise Windows OS L2 v2.0.0 | Windows | |
| CIS_MySQL_8.0_Community_Benchmark_v1.1.0_Level_2_OS_Linux.audit from CIS Oracle MySQL 8.0 Community Edition Benchmark | CIS MySQL 8.0 Community Linux OS L2 v1.1.0 | Unix | |
| CIS_MySQL_8.0_Enterprise_Benchmark_v1.4.0_Level_1_OS_Linux.audit from CIS Oracle MySQL 8.0 Enterprise Edition Benchmark | CIS MySQL 8.0 Enterprise Linux OS L1 v1.4.0 | Unix | |
| CIS_MySQL_8.4_Enterprise_Benchmark_v1.0.0_Level_1_Database.audit from CIS Oracle MySQL 8.4 Enterprise Edition Benchmark | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | |
| CIS_MySQL_8.4_Enterprise_Benchmark_v1.0.0_Level_1_OS_Linux.audit from CIS Oracle MySQL 8.4 Enterprise Edition Benchmark | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L1 MySQL OS Linux | Unix | |
| CIS_Oracle_Linux_8_STIG_v1.0.0_CAT_I.audit from CIS Oracle Linux 8 STIG Benchmark v1.0.0 | CIS Oracle Linux 8 STIG v1.0.0 CAT I | Unix | |
| CIS_Oracle_Linux_8_STIG_v1.0.0_CAT_II.audit from CIS Oracle Linux 8 STIG Benchmark v1.0.0 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | |
| CIS_SUSE_Linux_Enterprise_15_v2.0.1_L1_Workstation.audit from CIS SUSE Linux Enterprise 15 Benchmark v2.0.1 | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | |
| CIS_SUSE_Linux_Enterprise_15_v2.0.1_L2_Server.audit from CIS SUSE Linux Enterprise 15 Benchmark v2.0.1 | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Server | Unix | |
| CIS_Ubuntu_Linux_18.04_LTS_v2.2.0_L1_Server.audit from CIS Ubuntu Linux 18.04 LTS Benchmark v2.2.0 | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | |
| CIS_Ubuntu_Linux_20.04_LTS_v3.0.0_L1_Server.audit from CIS Ubuntu Linux 20.04 LTS Benchmark v3.0.0 | CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Server | Unix | |
| CIS_Ubuntu_Linux_22.04_LTS_v2.0.0_L2_Workstation.audit from CIS Ubuntu Linux 22.04 LTS Benchmark v2.0.0 | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Workstation | Unix | |
| CIS_Ubuntu_Linux_24.04_LTS_v1.0.0_L1_Workstation.audit from CIS Ubuntu Linux 24.04 LTS Benchmark v1.0.0 | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | |
| CIS_Ubuntu_Linux_24.04_LTS_v1.0.0_L2_Workstation.audit from CIS Ubuntu Linux 24.04 LTS Benchmark v1.0.0 | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | |
