| 2.2.25 Ensure 'Deny log on as a batch job' to include 'Guests, Enterprise Admins Group, and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.28 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.29 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.32 Ensure 'Deny log on locally' to include 'Guests, Enterprise Admins group, and Domain Admins group' (STIG MS only) | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.6 Prevent unintended use of dvfilter network APIs | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 2.17.2 Ensure 'Never Allow Users to Specify Groups When Restricting Permission for Documents' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | ACCESS CONTROL |
| 2.17.5 Ensure 'Allow Users With Earlier Versions of Office to Read with Browsers....' is set to Disabled | CIS Microsoft Office 2016 v1.1.0 | Windows | ACCESS CONTROL |
| 3.1.10 Authenticate federated users at the instance level | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL |
| 3.1.10 Authenticate federated users at the instance level | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 3.1.11 Authenticate federated users at the instance level | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB | IBM_DB2DB | ACCESS CONTROL |
| 4.2 Ensure excessive administrative privileges are revoked | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.2.7 Ensure 'Allow Window Management permission on these sites' Is Configured | CIS Google Chrome L2 v3.0.0 | Windows | ACCESS CONTROL |
| 4.5.1.5 CDE - sgid/suid binary lockdown | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.5.1.10 CDE - /etc/dt/config/Xservers permissions and ownership | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.5.1.11 CDE - /etc/dt/config/*/Xresources permissions and ownership | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.5.4.4 /etc/mail/sendmail.cf - access control | CIS IBM AIX 7.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.42 listener.ora - 'dynamic_registration_listener_name = OFF' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 5.4 CIFS - 'cifs.LMCompatibilityLevel <= 3' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 6.1.3 Disable guest account login | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 6.1.3 Disable guest account login | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 6.1.3 Disable guest account login | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 8.1 Block system accounts, Ensure account 'bin' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 8.1 Block system accounts, Ensure account 'noaccess' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 8.1 Block system accounts, Ensure account 'uucp' is locked. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 8.1 Block System Accounts, should pass if the default shell for 'bin' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 8.1 Block System Accounts, should pass if the default shell for 'listen' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 8.1 Block System Accounts, should pass if the default shell for 'lp' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 8.1 Block System Accounts, should pass if the default shell for 'noaccess' is set to /dev/null. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 20.37 Ensure 'Non-administrative accounts or groups only have print permissions on printer shares' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.37 Ensure 'Non-administrative accounts or groups only have print permissions on printer shares' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.37 Ensure 'Non-administrative accounts or groups only have print permissions on printer shares' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.37 Ensure 'Non-administrative accounts or groups only have print permissions on printer shares' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | ACCESS CONTROL |
| ESXi : set-dcui-access | VMWare vSphere 6.5 Hardening Guide | VMware | ACCESS CONTROL |
| IBM i : Authority for New Objects (QCRTAUT) - '*CHANGE or *USE or *EXCLUDE' | IBM iSeries Security Reference v5r4 | AS/400 | ACCESS CONTROL |
| IBM i : Authority for New Objects (QCRTAUT) - '*CHANGE' | IBM System i Security Reference for V7R2 | AS/400 | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows Server v1909 DC v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows Server v2004 DC v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows 11 v23H2 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| Network access: Allow anonymous SID/Name translation | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | ACCESS CONTROL |
| User IDs which disclose the privileges associated with it, should not be created. 'lock' | TNS IBM HTTP Server Best Practice Middleware | Unix | ACCESS CONTROL |
| User IDs which disclose the privileges associated with it, should not be created. 'nologin' | TNS IBM HTTP Server Best Practice Middleware | Unix | ACCESS CONTROL |
