| 1.1 Keep ESXi system properly patched | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 1.2 Verify Image Profile and VIB Acceptance Levels | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 1.3 Verify no unauthorized kernel modules are loaded on the host | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 1.3.4 Ensure 'Minimum Lowercase Letters' is greater than or equal to 1 | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 1.3.5 Ensure 'Minimum Numeric Letters' is greater than or equal to 1 | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 1.3.6 Ensure 'Minimum Special Characters' is greater than or equal to 1 | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 1.4 Enable system data files and security update installs - 'ConfigDataInstall' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.3 Ensure that the Certificate Securing Remote Access VPNs is Valid | CIS Palo Alto Firewall 10 v1.2.0 L2 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 2.1 Ensure that IP addresses are mapped to usernames | CIS Palo Alto Firewall 10 v1.2.0 L2 | Palo_Alto | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.1 Enable 'Set time and date automatically' | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Do not use default self-signed certificates for ESXi communication | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 2.4.4 Disable Printer Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4.5 Disable Remote Login | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 2.4.7 Disable Bluetooth Sharing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | |
| 2.6.1 Enable FileVault - Encryption Status | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.5 Review Application Firewall Rules | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6.7 Monitor Location Services Access | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
| 2.7.2 iCloud keychain | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
| 3.2 Enable security auditing | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1 Ensure 'Antivirus Update Schedule' is set to download and install updates hourly | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption) | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.6 Ensure nfs server is not running | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2 Use LockOut Realms | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 5.2.4 Complex passwords must contain a Numeric Character - '1 number' | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.6 Remove keys from SSH authorized_keys file | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 5.7 Set a timeout to automatically terminate idle ESXi Shell and SSH sessions | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 5.10 Require an administrator password to access system-wide preferences | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.1 Setup Client-cert Authentication | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.10 Ensure that access to every URL is logged | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.12 Ensure secure URL filtering is enabled for all security policies allowing traffic to the Internet | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.14 Ensure a secure Data Filtering profile is applied to all security policies allowing traffic to or from the Internet | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.17 Ensure that all zones have Zone Protection Profiles with all Reconnaissance Protection settings enabled, tuned, and set to appropriate actions | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure that port groups are not configured to VLAN values reserved by upstream physical switches | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 8.2.2 Disconnect unauthorized devices - CD/DVD Devices | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | |
| 8.2.6 Prevent unauthorized removal and modification of devices. | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | CIS Palo Alto Firewall 10 v1.2.0 L2 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 8.4.9 Disable Unity Active | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.10 Disable Unity Window Contents | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.13 Disable Drag and Drop Version Set | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.21 Disable Host Guest File System Server | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.25 Disable VM Console Drag and Drop operations | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.27 Disable VM Console Paste operations | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.28 Control access to VM console via VNC protocol | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.6.2 Disable virtual disk shrinking | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.1 Disable VIX messages from the VM | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.2 Limit number of VM log files | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 8.7.3 Do not send host information to guests | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.7.4 Limit VM log file size | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 10.9 Configure connectionTimeout | CIS Apache Tomcat 9 L2 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
