| 2.2.18 Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.19 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.19 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.19 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.19 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.19 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.19 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL |
| 2.2.19 Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| 2.2.19 Ensure 'Deny log on locally' to include 'Guests' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.19 Ensure 'Deny log on locally' to include 'Guests' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.23 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.2.23 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.2.23 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.23 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.23 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.24 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.24 Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows Server 2022 v5.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.25 (L1) Ensure 'Deny log on locally' to include 'Guests' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.4 Configure TCP Wrappers - Deny access to this server from all networks | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Configure TCP Wrappers - Make sure that /etc/hosts.deny does exist. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 2.11.8.7.2.1.6 (L1) Ensure 'Word 6.0 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11.8.7.2.1.6 Ensure 'Word 6.0 binary documents and templates' is set to 'Enabled: Open/Save blocked, use open policy' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.3 Enable Stack Protection - Makes sure 'noexec_user_stack_log' is set to 1 in /etc/system. Note: Only applicable if NX bit is set. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Enable Stack Protection - Makes sure 'noexec_user_stack' is set to 1 in /etc/system. Note: Only applicable if NX bit is set. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.11 Ensure 'encryption providers' are locked down | CIS IIS 8.0 v1.5.1 Level 2 | Windows | ACCESS CONTROL |
| 6.12 Set EEPROM Security Mode and Log Failed Access - SPARC only. Should *not* be 'security-mode=none'. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 89.14 (L1) Ensure 'Deny Local Log On' to include 'Guests' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 89.14 (L1) Ensure 'Deny Local Log On' to include 'Guests' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| CIS Security Benchmark For Microsoft IIS 7.0/7.5 v1.8.0 Level I. | CIS IIS 7 L1 v1.8.0 | Windows | |
| CIS Security Benchmark For Microsoft IIS 7.0/7.5 v1.8.0 Level II. | CIS IIS 7 L2 v1.8.0 | Windows | |
| CIS_MS_IIS_10_v1.2.1_Level_1.audit from CIS Microsoft IIS 10 Benchmark v1.2.1 | CIS IIS 10 v1.2.1 Level 1 | Windows | |
| CIS_MS_IIS_10_v1.2.1_Level_2.audit from CIS Microsoft IIS 10 Benchmark v1.2.1 | CIS IIS 10 v1.2.1 Level 2 | Windows | |
| DKER-EE-001800 - The insecure registry capability in the Docker Engine - Enterprise component of Docker Enterprise must be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001810 - On Linux, a non-AUFS storage driver in the Docker Engine - Enterprise component of Docker Enterprise must be used. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001830 - The userland proxy capability in the Docker Engine - Enterprise component of Docker Enterprise must be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001840 - Experimental features in the Docker Engine - Enterprise component of Docker Enterprise must be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001870 - The Docker Enterprise self-signed certificates in Universal Control Plane (UCP) must be replaced with DoD trusted, signed certificates. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001880 - The Docker Enterprise self-signed certificates in Docker Trusted Registry (DTR) must be replaced with DoD trusted, signed certificates. | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001890 - The option in Universal Control Plane (UCP) allowing users and administrators to schedule containers on all nodes, including UCP managers and Docker Trusted Registry (DTR) nodes must be disabled in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001900 - The Create repository on push option in Docker Trusted Registry (DTR) must be disabled in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001910 - Periodic data usage and analytics reporting in Universal Control Plane (UCP) must be disabled in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001920 - Periodic data usage and analytics reporting in Docker Trusted Registry (DTR) must be disabled in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | CONFIGURATION MANAGEMENT |
| ESXi : disable-mob | VMWare vSphere 6.5 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| PPS9-00-007700 - The EDB Postgres Advanced Server must utilize centralized management of the content captured in audit records generated by all components of the EDB Postgres Advanced Server. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-007800 - The EDB Postgres Advanced Server must provide centralized configuration of the content to be captured in audit records generated by all components of the EDB Postgres Advanced Server. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| WA000-WI035 - The IISADMPWD directory has not been removed from the Web Server - permissions | DISA STIG IIS 6.0 Server v6r16 | Windows | |
| WA000-WI035 - The IISADMPWD directory has not been removed from the Web Server. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
