| 1.2 Verify Image Profile and VIB Acceptance Levels | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 1.2.1 Ensure 'Permitted IP Addresses' is set to those necessary for device management | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL |
| 1.3.4 Ensure 'Minimum Lowercase Letters' is greater than or equal to 1 | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 1.3.8 Ensure 'New Password Differs By Characters' is greater than or equal to 3 | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| 1.4.2 Ensure 'Failed Attempts' and 'Lockout Time' for Authentication Profile are properly configured | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL |
| 1.6.3 Ensure that the Certificate Securing Remote Access VPNs is Valid | CIS Palo Alto Firewall 11 v1.2.0 L2 | Palo_Alto | CONFIGURATION MANAGEMENT |
| 2.3.2 Secure screen saver corners - bottom left corner | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | ACCESS CONTROL |
| 2.5 Ensure that the User-ID Agent has minimal permissions if User-ID is enabled | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL |
| 2.5.2 Disable sleeping the computer when connected to power | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | ACCESS CONTROL |
| 2.6 Prevent unintended use of dvfilter network APIs | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 2.6.6 Enable Location Services | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6.7 Monitor Location Services Access | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
| 2.7.2 iCloud keychain | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
| 3.1 Ensure a fully-synchronized High Availability peer is configured | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 3.2 Ensure 'High Availability' requires Link Monitoring and/or Path Monitoring | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Create network specific locations | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
| 4.4 Ensure http server is not running | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.1 Ensure that WildFire file size upload limits are maximized | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.2 Ensure a WildFire Analysis profile is enabled for all security policies | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.4 Automatically lock the login keychain for inactivity | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4 Limit CIM Access | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 5.6 Remove keys from SSH authorized_keys file | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 5.7 Do not enable the 'root' account | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.8 Disable automatic login | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.9 Require a password to wake the computer from sleep or screen saver | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 5.9 Set DCUI.Access to allow trusted users to override lockdown mode | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 5.13 Create a Login window banner | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | ACCESS CONTROL |
| 5.17 Create specialized keychains for different purposes | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | |
| 6.2 Ensure a secure antivirus profile is applied to all relevant security policies | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure uniqueness of CHAP authentication secrets | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 6.4 Safari disable Internet Plugins for global use | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.5.9 (L1) Host SSH daemon, if enabled, must disable stream local forwarding | CIS VMware ESXi 8.0 v1.2.0 L1 Unix | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.5.11 (L1) Host SSH daemon, if enabled, must not permit tunnels | CIS VMware ESXi 8.0 v1.2.0 L1 Unix | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 6.8 Ensure that PAN-DB URL Filtering is used | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.9 Ensure that URL Filtering uses the action of 'block' or 'override' on the URL categories | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.14 Ensure a secure Data Filtering profile is applied to all security policies allowing traffic to or from the Internet | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SSL Forward Proxy Policy' for traffic destined to the Internet is configured | CIS Palo Alto Firewall 11 v1.2.0 L1 | Palo_Alto | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2.4 Disconnect unauthorized devices - Serial Devices | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.3.2 Minimize use of the VM console | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| 8.4.1 Control access to VMs through the dvfilter network APIs | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 8.4.11 Disable Unity Push Update | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.13 Disable Drag and Drop Version Set | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.16 Disable Trash Folder State | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.18 Disable Unity | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.21 Disable Host Guest File System Server | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.26 Disable VM Console GUI Options | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.28 Control access to VM console via VNC protocol | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.6.2 Disable virtual disk shrinking | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.6.3 Disable virtual disk wiping | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.2 Limit number of VM log files | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
