| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMP | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 2.7 Ensure TLS authentication for Docker daemon is configured - tlskey | CIS Docker v1.6.0 L1 Docker Linux | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.8.1 Ensure 'Allow remote access connections to this machine' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.8.2 Ensure 'Allow remote users to interact with elevated windows in remote assistance sessions' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.8.3 Ensure 'Configure the required domain names for remote access clients' is set to 'Enabled' with a domain defined | CIS Google Chrome L1 v3.0.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.8.4 Ensure 'Enable curtaining of remote access hosts' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.8.5 Ensure 'Enable firewall traversal from remote access host' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.8.6 Ensure 'Enable or disable PIN-less authentication for remote access hosts' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.32 Ensure 'Allow remote debugging' is set to 'Disabled' | CIS Google Chrome L1 v3.0.0 | Windows | ACCESS CONTROL, RISK ASSESSMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 3.2.1.29 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 3.2.1.29 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 3.2.1.29 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 3.2.1.29 Ensure 'Allow proximity based password sharing requests' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 4.04 init.ora - 'remote_os_roles = FALSE' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | ACCESS CONTROL |
| 4.10 (L1) Host must verify certificates for TLS remote logging endpoints | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 5.2.8 Ensure SSH root login is disabled | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | ACCESS CONTROL |
| 6.2 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 3.6 L2 Unix Audit v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 18.8.36.1 Ensure 'Configure Offer Remote Assistance' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.9.65.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.9.65.3.9.1 Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.56.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.10.57.3.9.1 (L1) Ensure 'Always prompt for password upon connection' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Allow Basic authentication - Client - AllowBasic | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Client - AllowBasic | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Service - AllowBasic | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Service - AllowBasic | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Service - AllowBasic | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - WinRM Client | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows Server v1909 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - WinRM Client | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - WinRM Client | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - WinRM Service | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Always prompt for password upon connection | MSCT Windows 11 v22H2 v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Managed Access Control Points | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Configure Solicited Remote Assistance - fAllowToGetHelp | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Disallow Digest authentication | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Monterey - Managed Access Control Points | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
