| 1.1.3.10.6 Set 'Network access: Sharing and security model for local accounts' to 'Classic - local users authenticate as themselves' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.1.3.10.11 Configure 'Network access: Do not allow storage of passwords and credentials for network authentication' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.1.3.17.2 Set 'User Account Control: Detect application installations and prompt for elevation' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.1.3.17.6 Set 'User Account Control: Virtualize file and registry write failures to per-user locations' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.1.3.17.10 Set 'User Account Control: Run all administrators in Admin Approval Mode' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 3.2 Configure a Default Drop/Cleanup Rule | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.13 Ensure VPN traffic goes through the relevant ACL | CIS Cisco ASA 9.x Firewall L2 v1.1.0 | Cisco | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 3.14 Ensure Accept RIP is not enabled | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 9.1.1 (L1) Ensure 'Windows Firewall: Domain: Firewall state' is set to 'On (recommended)' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.21.2 (L1) Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 (L1) Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.4 (L1) Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.4 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Enrollment in Mobile Device Management | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Enrollment in Mobile Device Management | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Enrollment in Mobile Device Management | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Enrollment in Mobile Device Management | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Enforce Enrollment in Mobile Device Management | NIST macOS Catalina v1.5.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Enforce Enrollment in Mobile Device Management | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Enforce Enrollment in Mobile Device Management | NIST macOS Catalina v1.5.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Enforce Enrollment in Mobile Device Management | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Enforce Enrollment in Mobile Device Management | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT |
| Catalina - Enforce Enrollment in Mobile Device Management | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | CONFIGURATION MANAGEMENT |
| EC2: DescribeAccountAttributes - 'default VPC' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeAccountAttributes - 'supported platforms' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstances - 'Review list of current VPCs and their platforms' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstances - 'Review list of current VPCs and their status' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstanceStatus - 'Review instances with impaired system status' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstanceStatus - 'Review instances with impared instance status' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstanceStatus - 'Review instances with insufficient-data instance status' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstanceStatus - 'Review instances with insufficient-data system status' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstanceStatus - 'Review pending instances' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstanceStatus - 'Review shutting down instances' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstanceStatus - 'Review status of instances' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstanceStatus - 'Review stopped instances' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeInstanceStatus - 'Review terminated instances' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| EC2: DescribeVpcs - 'Review the current VPC list' | Tenable AWS Best Practice Audit | amazon_aws | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| GEN000140 - A file integrity baseline must be created and maintained. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN000140 - A file integrity baseline must be created and maintained. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN000140-2 - A file integrity baseline including cryptographic hashes must be created and maintained - 'cryptographic hash is used ' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN005160 - Any X Windows host must write .Xauthority files. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005220 - .Xauthority or X*.hosts (or equivalent) file(s) must be used to restrict access to the X server. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Secure Management VLAN is configured' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Secure Management VLAN is enabled' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce Enrollment in Mobile Device Management | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Enforce Enrollment in Mobile Device Management | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Enforce Enrollment in Mobile Device Management | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Enforce Enrollment in Mobile Device Management | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT |
