| 1.4 Ensure systemd Service Files Are Enabled | CIS PostgreSQL 11 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.26.1 (L1) Ensure 'Disable Bing chat entry-points on Microsoft Edge Enterprise new tab page' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 1.135 (L2) Ensure 'Enable QR Code Generator' is set to 'Disabled' | CIS Microsoft Edge v3.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 2.3.8.3 (L1) Ensure 'Microsoft network client: Send unencrypted password to third-party SMB servers' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 2.3.9.2 (L1) Ensure 'Microsoft network server: Digitally sign communications (always)' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 2.3.25.1.3 Ensure 'Disable Opt-in Wizard on first run' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.3.29.1.1 Ensure 'Disable Internet Fax feature' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.4.1 Ensure 'Allow simple value' is set to 'Disabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.4.2 Ensure 'IMAP4' Windows services are 'Disabled' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.5.10.8.1.2.2 Ensure 'Prevent publishing to a DAV server' is set to 'Enabled' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 2.14 Ensure 'sa' Login Account has been renamed | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 2.14 Ensure 'sa' Login Account has been renamed | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 2.17 Ensure no login exists with the name 'sa' | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 3.1 Ensure a fully-synchronized High Availability peer is configured | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 3.1.1 Ensure 'Controls when the profile can be removed' is set to 'Never' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.1.16 Ensure 'debug_print_plan' is disabled | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 3.2.1.13 Ensure 'Allow installing configuration profiles' is set to 'Disabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.13 Ensure 'Allow installing configuration profiles' is set to 'Disabled' | MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.1.14 Ensure 'Allow installing configuration profiles' is set to 'Disabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.4.1 Ensure 'Allow simple value' is set to 'Disabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.4.1 Ensure 'Allow simple value' is set to 'Disabled' | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.4.2 Ensure 'Minimum passcode length' is set to '6' or greater | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.4.5 Ensure 'Maximum number of failed attempts' is set to '6' | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.10.25.6 (L1) Ensure 'Turn off picture password sign-in' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.11.18.3 (L1) Ensure 'Turn off heap termination on corruption' is set to 'Disabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.1.5.12 klogin | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.5.14 login | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.5.19 rexd | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.5.25 sprayd | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.5.30 time | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.5 Ensure 'Interact with and share R and Python' visuals is 'Disabled' | CIS Microsoft 365 Foundations E3 L2 v3.1.0 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 9.2 Ensure 'MASTER_SSL_VERIFY_SERVER_CERT' is enabled | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| 18.9.28.6 (L1) Ensure 'Turn off picture password sign-in' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.95.1 (L1) Ensure 'Turn on PowerShell Script Block Logging' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 18.9.95.2 (L1) Ensure 'Turn on PowerShell Transcription' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 18.10.10.1 (L1) Ensure 'Allow Use of Camera' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.15.6 (L1) Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.49.1 (L1) Ensure 'Enable news and interests on the taskbar' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.56.3.3.4 (L1) Ensure 'Do not allow location redirection' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.71.1 (L1) Ensure 'Allow widgets' is set to 'Disabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.90.1 (L1) Ensure 'Allow clipboard sharing with Windows Sandbox' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.90.1 (L1) Ensure 'Allow clipboard sharing with Windows Sandbox' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.90.2 (L1) Ensure 'Allow networking in Windows Sandbox' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 19.7.8.5 (L1) Ensure 'Turn off Spotlight collection on Desktop' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 58.1 (L2) Ensure 'Allow Cross Device Clipboard' is set to 'Block' | CIS Microsoft Intune for Windows 10 v3.0.1 L2 | Windows | CONFIGURATION MANAGEMENT |
| 67.5 (L1) Ensure 'Limit Diagnostic Log Collection' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | CONFIGURATION MANAGEMENT |
