| 1.1 (L1) Ensure 'Open 'safe' files after downloading' is 'Disabled' | CIS MacOS Safari v2.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iOS 11 v1.0.0 End User Owned L1 | MDM | |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 11 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iOS 11 v1.0.0 End User Owned L1 | MDM | |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 11 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.2.1 Ensure 'Force fraud warning' is set to 'Enabled' | MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or `From current website only` | MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 6.1 (L1) Ensure 'Warn when visiting a fraudulent website' is 'Enabled' | CIS MacOS Safari v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.11 Ensure no users have .forward files | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.11 Ensure no users have .forward files | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.11 Ensure no users have .forward files | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.11 Ensure no users have .forward files | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.11 Ensure no users have .forward files | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.3 (L2) Ensure 'Block pop-up windows' is 'Enabled' (Scored) | CIS MacOS Safari v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 10.1 (L1) Ensure 'Show full website address' is 'Enabled' | CIS MacOS Safari v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 11.1 (L1) Ensure 'Show Status Bar' is not 'Hidden' | CIS MacOS Safari v2.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 18.8.22.1.6 Ensure 'Turn off Internet File Association service' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.22.1.6 Ensure 'Turn off Internet File Association service' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.85.3 Ensure 'Prevent Internet Explorer security prompt for Windows Installer scripts' is set to 'Disabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Internet download for Web publishing and online ordering wizards | MSCT Windows 10 v2004 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Turn off Internet download for Web publishing and online ordering wizards | MSCT Windows 10 v20H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
