Skip to content

Audit Report API

The Audit Report API provide information related to your compliance posture across various compliance standards. The filters available through the API enable you to view your status across different cloud accounts and for different benchmarks (list below)

    GET https://<CLOUDNEETI API DOMAIN>/audit/license/<LICENSE ID>/account/<ACCOUNT ID>/job/<JOB ID>/benchmark/<BENCHMARK ID>/summary
Environment Values for Cloudneeti API domain
PROD api.cloudneeti.com
TRIAL trialapi.cloudneeti.com

URI Parameters

Parameter Description Required/Optional
LICENSE ID Cloudneeti license id​ Required
ACCOUNT ID Cloud account id​ Required
JOB ID Cloud account scan job id Required
BENCHMARK ID Benchmark id​ Required

Authorization

Type Description Required/Optional
Bearer Token Account Token Required
Key Value
Ocp-Apim-Subscription-Key Cloudneeti API key generated

Response

Name Type Description
result Object Cloudneeti cloud account audit report
statusCode Integer Cloudneeti API response status code
message String Response describing operation result as success or failed.

Sample Report


    [
        {
    "BenchmarkName":  "Cloud Security Best Practices",
    "BenchmarkId":  "CSBP",
    "AccountId":  "########-####-####-####-"############",
    "LicenseId":  "########-####-####--####-############",
    "LicenseName":  "License Name",
    "AccountName":  "Azure",
    "ConnectorType":  "Azure",
    "SubscriptionId":  "########-####-####-####-############",
    "AWSAccountId":  null,
    "JobId":  "########-####-####-####-############",
    "ResourceCategories":  [
                               {
                                   "CategoryName":  "Azure - Business continuity and DR",
                                   "ControlCategoryOrder":  1,
                                   "CategoryId":  "AZ_CSBP_Azure_Business_continuity_DR",
                                   "Total":  7,
                                   "Green":  0,
                                   "Red":  2,
                                   "Amber":  0,
                                   "Gray":  5,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VMConfiguredBackup",
                                                        "ShortTitle":  "Ensure that backup feature is configured for Virtual Machines",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1000.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SLAVM",
                                                        "ShortTitle":  "Ensure that sufficient capacity is available for Virtual Machines (SLA)",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1000.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "BackupVaultHasPolicy",
                                                        "ShortTitle":  "Ensure that backup policy is associated with every Backup Vault",
                                                        "ServiceName":  "BackupVaultService",
                                                        "ComplianceNumber":  "1000.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceBackupConfigured",
                                                        "ShortTitle":  "Ensure that Backup feature is configured for App Service deployed on Standard and above App Service Plan",
                                                        "ServiceName":  "AppServiceStandardAsp",
                                                        "ComplianceNumber":  "1000.10",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppBackupConfigured",
                                                        "ShortTitle":  "Ensure that Backup feature is configured for API Apps deployed on Standard and above App Service Plan",
                                                        "ServiceName":  "ApiAppServiceStandardAsp",
                                                        "ComplianceNumber":  "1000.11",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FuncAppBackupConfigured",
                                                        "ShortTitle":  "Ensure that Backup feature is configured for Function Apps deployed on Standard and above App Service Plan",
                                                        "ServiceName":  "FunctionAppServiceStandardAsp",
                                                        "ComplianceNumber":  "1000.12",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppBackupConfigured",
                                                        "ShortTitle":  "Ensure that Backup feature is configured for Mobile Apps deployed on Standard and above App Service Plan",
                                                        "ServiceName":  "MobileAppServiceStandardAsp",
                                                        "ComplianceNumber":  "1000.13",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Compute (IaaS)",
                                   "ControlCategoryOrder":  2,
                                   "CategoryId":  "AZ_CSBP_Azure_Compute_(IaaS)",
                                   "Total":  23,
                                   "Green":  2,
                                   "Red":  11,
                                   "Amber":  0,
                                   "Gray":  10,
                                   "CompliancePercent":  15.3846159,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "EnableVulnerabilityScanningId",
                                                        "ShortTitle":  "Ensure that Vulnerability Assessment solutions is installed on the Virtual Machines",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "AntiVirusInstalledId",
                                                        "ShortTitle":  "Ensure that Endpoint Protection is installed on the Virtual Machines",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "EnsureLatestPatchesVMId",
                                                        "ShortTitle":  "Ensure that latest OS patches are applied to all Virtual Machines",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "EnforceDiskEncryptionVMId",
                                                        "ShortTitle":  "Ensure that Disk Encryption policy is enforced on the Virtual Machines",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "EnforceOSDiskEncryptionVMId",
                                                        "ShortTitle":  "Ensure that operating system disks are encrypted for Windows Virtual Machines",
                                                        "ServiceName":  "WindowsVirtualMachines",
                                                        "ComplianceNumber":  "1100.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "AllVMAgentInstalledId",
                                                        "ShortTitle":  "Ensure that VM agent is installed on Virtual Machines",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.7",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "AntiVirusEnableId",
                                                        "ShortTitle":  "Ensure that Antivirus is enabled for??Virtual Machines",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "AntiVirusAutoupdatesId",
                                                        "ShortTitle":  "Ensure that auto update for Antivirus software is enabled on the Virtual Machines",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.10",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "AntiVirusLastScanDateId",
                                                        "ShortTitle":  "Ensure that real time protection is set to ON inside the Windows Virtual Machine",
                                                        "ServiceName":  "WindowsVirtualMachines",
                                                        "ComplianceNumber":  "1100.11",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "VmDiagnosticId",
                                                        "ShortTitle":  "Ensure that diagnostics is enabled on Virtual Machine",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.13",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "WindowsVMandLogAnalyticsLink",
                                                        "ShortTitle":  "Ensure that Log Analytics VM extension is enabled for Windows Virtual Machines",
                                                        "ServiceName":  "WindowsVirtualMachines",
                                                        "ComplianceNumber":  "1100.20",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "VMDomainJoined",
                                                        "ShortTitle":  "Ensure that Windows Virtual Machines are always AD Domain joined",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.21",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "VMSecurityCenterHealthRuleId",
                                                        "ShortTitle":  "Ensure than ASC showing healthy state for Virtual Machine",
                                                        "ServiceName":  "VirtualMachines",
                                                        "ComplianceNumber":  "1100.23",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "EnforceDataDiskEncryptionVMId",
                                                        "ShortTitle":  "Ensure that data disks are encrypted for Windows Virtual Machines",
                                                        "ServiceName":  "WindowsVirtualMachines",
                                                        "ComplianceNumber":  "1100.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "ServiceFabricClusterVMId",
                                                        "ShortTitle":  "Ensure that Service Fabric cluster consists more than one VM",
                                                        "ServiceName":  "FabricClusterService",
                                                        "ComplianceNumber":  "1100.14",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SFCCertificateSecurityId",
                                                        "ShortTitle":  "Ensure that Certificate security is enabled on the Service Fabric cluster",
                                                        "ServiceName":  "FabricClusterService",
                                                        "ComplianceNumber":  "1100.15",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SFCUpgradeModeId",
                                                        "ShortTitle":  "Ensure that update mode is set to automatic for Service Fabric cluster",
                                                        "ServiceName":  "FabricClusterService",
                                                        "ComplianceNumber":  "1100.16",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SFCVMlogStorageEnabledId",
                                                        "ShortTitle":  "Ensure that log analytics storage is enabled for Service Fabric cluster",
                                                        "ServiceName":  "FabricClusterService",
                                                        "ComplianceNumber":  "1100.17",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SFCAADSecurityId",
                                                        "ShortTitle":  "Ensure that Azure AD security is configured for Service Fabric cluster",
                                                        "ServiceName":  "FabricClusterService",
                                                        "ComplianceNumber":  "1100.18",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AzureDiskEncryptionId",
                                                        "ShortTitle":  "Ensure that \u0027Unattached disks\u0027 are encrypted",
                                                        "ServiceName":  "AzureDiskService",
                                                        "ComplianceNumber":  "1100.22",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "LinuxVMandLogAnalyticsLink",
                                                        "ShortTitle":  "Ensure that Log Analytics VM extension is enabled for Linux Virtual Machines",
                                                        "ServiceName":  "LinuxVirtualMachines",
                                                        "ComplianceNumber":  "1100.24",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "EnforceOSDiskEncryptionLinuxVMId",
                                                        "ShortTitle":  "Ensure that operating system disks are encrypted for Linux Virtual Machines",
                                                        "ServiceName":  "LinuxVirtualMachines",
                                                        "ComplianceNumber":  "1100.25",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "EnforceDataDiskEncryptionLinuxVM",
                                                        "ShortTitle":  "Ensure that data disks are encrypted for Linux Virtual Machines",
                                                        "ServiceName":  "LinuxVirtualMachines",
                                                        "ComplianceNumber":  "1100.26",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Compute (PaaS and Serverless)",
                                   "ControlCategoryOrder":  3,
                                   "CategoryId":  "AZ_CSBP_Azure_Compute_(PaaS_Serverless)",
                                   "Total":  55,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  55,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "Http20EnabledMobileApp",
                                                        "ShortTitle":  "Ensure HTTP/2 is enabled for an App Service Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceAlwaysOn",
                                                        "ShortTitle":  "Ensure that \u0027Always On\u0027 is enabled for App Services deployed on Basic and above App Service Plan",
                                                        "ServiceName":  "AppServiceBasicAsp",
                                                        "ComplianceNumber":  "1200.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppAlwaysOn",
                                                        "ShortTitle":  "Ensure that \u0027Always On\u0027 is enabled for Api Apps deployed on Basic and above App Service Plan",
                                                        "ServiceName":  "ApiAppServiceBasicAsp",
                                                        "ComplianceNumber":  "1200.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppAlwaysOn",
                                                        "ShortTitle":  "Ensure that \u0027Always On\u0027 is enabled for Mobile Apps deployed on Basic and above App Service Plan",
                                                        "ServiceName":  "MobileAppServiceBasicAsp",
                                                        "ComplianceNumber":  "1200.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppAlwaysOn",
                                                        "ShortTitle":  "Ensure that \u0027Always On\u0027 is enabled for Function Apps deployed on Basic and above App Service Plan",
                                                        "ServiceName":  "FunctionAppServiceBasicAsp",
                                                        "ComplianceNumber":  "1200.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceAutoHeal",
                                                        "ShortTitle":  "Ensure that \u0027Auto Heal\u0027 is enabled for App Services",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppAutoHeal",
                                                        "ShortTitle":  "Ensure that \u0027Auto Heal\u0027 is enabled for Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppAutoHeal",
                                                        "ShortTitle":  "Ensure that \u0027Auto Heal\u0027 is enabled for Api Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppAutoHeal",
                                                        "ShortTitle":  "Ensure that \u0027Auto Heal\u0027 is enabled for Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceMSI",
                                                        "ShortTitle":  "Ensure that Register with Azure Active Directory is enabled on App Service",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.10",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppMSI",
                                                        "ShortTitle":  "Ensure that Managed Service Identity (MSI) is enabled for Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.11",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppMSI",
                                                        "ShortTitle":  "Ensure that Managed Service Identity (MSI) is enabled for Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.12",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppMSI",
                                                        "ShortTitle":  "Ensure that Managed Service Identity (MSI) is enabled for Api Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.13",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceWebSocket",
                                                        "ShortTitle":  "Ensure Web Sockets are disabled for App Services",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.14",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppWebSocket",
                                                        "ShortTitle":  "Ensure Web Sockets are disabled for Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.15",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppWebSocket",
                                                        "ShortTitle":  "Ensure Web Sockets are disabled for API Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.16",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FuncAppWebSocket",
                                                        "ShortTitle":  "Ensure Web Sockets are disabled for Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.17",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "WebsiteLoadCertificatesWebApp",
                                                        "ShortTitle":  "Ensure that WEBSITE_LOAD_CERTIFICATES parameter is not set to \u0027\u0027 for Web Apps",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.18",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "WebsiteLoadCertificatesMobApp",
                                                        "ShortTitle":  "Ensure that WEBSITE_LOAD_CERTIFICATES parameter is not set to \u0027\u0027 for Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.19",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "WebsiteLoadCertificatesAPIApp",
                                                        "ShortTitle":  "Ensure that WEBSITE_LOAD_CERTIFICATES parameter is not set to \u0027\u0027 for API Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.20",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FuncAppRemoteDebugRule",
                                                        "ShortTitle":  "Ensure that remote debugging is turned off for Function App",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.21",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppIPConfig",
                                                        "ShortTitle":  "Ensure that IP restrictions rules are configured for Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.22",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceIPConfig",
                                                        "ShortTitle":  "Ensure that IP restrictions rules are configured for App Service",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.23",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceCustomDomain",
                                                        "ShortTitle":  "Ensure that Custom Domains are configured in App Service",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.24",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppCustomDomain",
                                                        "ShortTitle":  "Ensure that Custom Domains are configured in Function App",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.25",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppCORS",
                                                        "ShortTitle":  "Ensure that CORS should not allow every resource to access Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.26",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppCustomDomain",
                                                        "ShortTitle":  "Ensure that Custom Domains are configured in Mobile App",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.30",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppCustomDomain",
                                                        "ShortTitle":  "Ensure that Custom Domains are configured in API App",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.31",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppIPConfig",
                                                        "ShortTitle":  "Ensure that IP restrictions rules are configured for Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.32",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppIPConfig",
                                                        "ShortTitle":  "Ensure that IP restrictions rules are configured for API Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.33",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "WebsiteLoadCertificatesFuncApp",
                                                        "ShortTitle":  "Ensure that WEBSITE_LOAD_CERTIFICATES parameter is not set to \u0027\u0027 for Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.39",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppCORS",
                                                        "ShortTitle":  "Ensure that CORS should not allow every resource to access Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.40",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceCORS",
                                                        "ShortTitle":  "Ensure that CORS should not allow every resource to access Web Apps",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.41",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppCORS",
                                                        "ShortTitle":  "Ensure that CORS should not allow every resource to access API Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.42",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceOverHttps",
                                                        "ShortTitle":  "Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.43",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FuncAppHttpsEnabled",
                                                        "ShortTitle":  "Ensure that HTTPS Only is enabled for Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.44",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppHttpsEnabled",
                                                        "ShortTitle":  "Ensure that HTTPS Only is enabled for API App Services",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.45",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppHttpsEnabled",
                                                        "ShortTitle":  "Ensure that HTTPS Only is enabled for Mobile App Services",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.46",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceRemoteDebugging",
                                                        "ShortTitle":  "Ensure that remote debugging is turned off for App Service",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.47",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppServiceAuth",
                                                        "ShortTitle":  "Ensure that \u0027App Service Authentication\u0027 is enabled for Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.48",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppServiceAuth",
                                                        "ShortTitle":  "Ensure that \u0027App Service Authentication\u0027 is enabled for API Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.49",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppServiceAuth",
                                                        "ShortTitle":  "Ensure that \u0027App Service Authentication\u0027 is enabled for Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.50",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceAuth",
                                                        "ShortTitle":  "Ensure that \u0027App Service Authentication\u0027 is enabled for Web apps",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.51",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppRemoteDebugging",
                                                        "ShortTitle":  "Ensure that remote debugging is turned off for Mobile App",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.52",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppRemoteDebugging",
                                                        "ShortTitle":  "Ensure that remote debugging is turned off for API App",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.53",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppAvailabilityWebTest",
                                                        "ShortTitle":  "Ensure that \u0027Availability Web Tests\u0027 are configured for API Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.57",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppAvailabilityWebTest",
                                                        "ShortTitle":  "Ensure that \u0027Availability Web Tests\u0027 are configured for Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.58",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FuncAppAvailabilityWebTest",
                                                        "ShortTitle":  "Ensure that \u0027Availability Web Tests\u0027 are configured for Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.59",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppInsights",
                                                        "ShortTitle":  "Ensure that \u0027App Insights\u0027 are configured for Azure Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1200.60",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FuncAppInsights",
                                                        "ShortTitle":  "Ensure that \u0027App Insights\u0027 are configured for Azure Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.61",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppInsights",
                                                        "ShortTitle":  "Ensure that \u0027App Insights\u0027 are configured for Azure API Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.62",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceClientCertificate",
                                                        "ShortTitle":  "Ensure web app has \u0027Client Certificates (Incoming client certificates)\u0027 set to \u0027On\u0027",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.64",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "HTTP20Enabled",
                                                        "ShortTitle":  "Ensure that \u0027HTTP Version\u0027 is the latest, if used to run the web app",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1200.67",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "Http20EnabledFunctionApp",
                                                        "ShortTitle":  "Ensure HTTP/2 is enabled for an App Service Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1200.68",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "Http20EnabledAPIApp",
                                                        "ShortTitle":  "Ensure HTTP/2 is enabled for an App Service API Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1200.69",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Data Analytics",
                                   "ControlCategoryOrder":  4,
                                   "CategoryId":  "AZ_CSBP_Azure_Data_Analytics",
                                   "Total":  6,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  6,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "HDInsightADDomainJoinedId",
                                                        "ShortTitle":  "Ensure that HDInsight Cluster is AD Domain joined",
                                                        "ServiceName":  "HDInsightADDomainJoinedService",
                                                        "ComplianceNumber":  "1300.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "HDInsightNSGAllowInboundTrafficId",
                                                        "ShortTitle":  "Ensure that NSG always allows traffic from the specific IP addresses for HDInsight Cluster",
                                                        "ServiceName":  "HDInsightADDomainJoinedService",
                                                        "ComplianceNumber":  "1300.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "HDNSGAllowInboundTrafficRegionsId",
                                                        "ShortTitle":  "Ensure that NSG always allows traffic from the specific region for HDInsight Cluster",
                                                        "ServiceName":  "HDInsightADDomainJoinedService",
                                                        "ComplianceNumber":  "1300.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "HDInsightClusterTierPremiumId",
                                                        "ShortTitle":  "Ensure that Enterprise Security Package is enabled for HDInsight cluster",
                                                        "ServiceName":  "HDInsightADDomainJoinedService",
                                                        "ComplianceNumber":  "1300.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "DataFactoryServiceidentity",
                                                        "ShortTitle":  "Ensure that Service Identity is enabled for Azure Data Factory",
                                                        "ServiceName":  "DataFactoryService",
                                                        "ComplianceNumber":  "1300.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "DataFactoryKeyVaultConnectionCred",
                                                        "ShortTitle":  "Ensure that Azure Data Factory connection credentials are stored in Azure Key Vault",
                                                        "ServiceName":  "DataFactoryService",
                                                        "ComplianceNumber":  "1300.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Data in Transit",
                                   "ControlCategoryOrder":  5,
                                   "CategoryId":  "AZ_CSBP_Azure_Data_Transit",
                                   "Total":  11,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  11,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "AppGatewayDisableTLSId",
                                                        "ShortTitle":  "Ensure that TLS 1.0 and 1.1 protocols are disabled for Application Gateway",
                                                        "ServiceName":  "AppGatewayDisableTLSService",
                                                        "ComplianceNumber":  "1400.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppGatewayEnforceSSLTrafficId",
                                                        "ShortTitle":  "Ensure only SSL traffic is enabled for Application Gateway",
                                                        "ServiceName":  "AppGatewayDisableTLSService",
                                                        "ComplianceNumber":  "1400.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppGateway_TLS_1_2_orHigher",
                                                        "ShortTitle":  "Ensure that minimum protocol version of TLS1.2 or higher is enabled for Application Gateway",
                                                        "ServiceName":  "AppGatewayDisableTLSService",
                                                        "ComplianceNumber":  "1400.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceTLS",
                                                        "ShortTitle":  "Ensure web app is using the latest version of TLS encryption",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1400.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppTLS",
                                                        "ShortTitle":  "Ensure that TLS is configured for Function Apps",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1400.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppTLS",
                                                        "ShortTitle":  "Ensure that TLS is configured for API Apps",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1400.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppTLS",
                                                        "ShortTitle":  "Ensure that TLS is configured for Mobile Apps",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1400.8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppGatewayOWASPVersionId",
                                                        "ShortTitle":  "Ensure that latest version of OWASP ruleset is used for Application Gateway",
                                                        "ServiceName":  "AppGatewayDisableTLSService",
                                                        "ComplianceNumber":  "1400.9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppGatewayWAFEnabledId",
                                                        "ShortTitle":  "Ensure that WAF is enabled for Application Gateway",
                                                        "ServiceName":  "AppGatewayDisableTLSService",
                                                        "ComplianceNumber":  "1400.10",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppGatewaySLAId",
                                                        "ShortTitle":  "Ensure that your deployment architecture is protected by Azure SLA for Application Gateway",
                                                        "ServiceName":  "AppGatewayDisableTLSService",
                                                        "ComplianceNumber":  "1400.11",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppGatewayWAFPreventionId",
                                                        "ShortTitle":  "Ensure that WAF is set to \u0027Prevention mode\u0027 for Application Gateway",
                                                        "ServiceName":  "AppGatewayDisableTLSService",
                                                        "ComplianceNumber":  "1400.12",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Fundamentals",
                                   "ControlCategoryOrder":  6,
                                   "CategoryId":  "AZ_CSBP_Azure_Fundamentals",
                                   "Total":  8,
                                   "Green":  0,
                                   "Red":  6,
                                   "Amber":  2,
                                   "Gray":  0,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "TagsComplianceDepartment",
                                                        "ShortTitle":  "Ensure that Department tag has been applied for individual Azure resources",
                                                        "ServiceName":  "ConfiguredAppInsightId",
                                                        "ComplianceNumber":  "1500.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  4,
                                                        "Compliance":  "Red",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "TagsComplianceEnvironment",
                                                        "ShortTitle":  "Ensure that Environment tag has been applied for individual Azure resources",
                                                        "ServiceName":  "ConfiguredAppInsightId",
                                                        "ComplianceNumber":  "1500.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  4,
                                                        "Compliance":  "Red",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "TagsComplianceProjectName",
                                                        "ShortTitle":  "Ensure that ProjectName tag has been applied for individual Azure resources",
                                                        "ServiceName":  "ConfiguredAppInsightId",
                                                        "ComplianceNumber":  "1500.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  4,
                                                        "Compliance":  "Red",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "TagsComplianceApplicationOwner",
                                                        "ShortTitle":  "Ensure that ApplicationOwner tag has been applied for individual Azure resources",
                                                        "ServiceName":  "ConfiguredAppInsightId",
                                                        "ComplianceNumber":  "1500.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  4,
                                                        "Compliance":  "Red",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "TagsComplianceBusinessUnit",
                                                        "ShortTitle":  "Ensure that BusinessUnit tag has been applied for individual Azure resources",
                                                        "ServiceName":  "ConfiguredAppInsightId",
                                                        "ComplianceNumber":  "1500.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  4,
                                                        "Compliance":  "Red",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "TagsComplianceCostCenter",
                                                        "ShortTitle":  "Ensure that CostCenter tag has been applied for individual Azure resources",
                                                        "ServiceName":  "ConfiguredAppInsightId",
                                                        "ComplianceNumber":  "1500.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  4,
                                                        "Compliance":  "Red",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "TagsComplianceDataProfile",
                                                        "ShortTitle":  "Ensure that DataProfile tag has been applied for individual Azure resources",
                                                        "ServiceName":  "ConfiguredAppInsightId",
                                                        "ComplianceNumber":  "1500.7",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  4,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  "High",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "ResourceGroupLockId",
                                                        "ShortTitle":  "Ensure that Resource Locks are set for mission critical Azure resources",
                                                        "ServiceName":  "ResourceGroup",
                                                        "ComplianceNumber":  "1500.8",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  12,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Identity and Access",
                                   "ControlCategoryOrder":  7,
                                   "CategoryId":  "AZ_CSBP_Azure_Identity_Access",
                                   "Total":  5,
                                   "Green":  2,
                                   "Red":  0,
                                   "Amber":  3,
                                   "Gray":  0,
                                   "CompliancePercent":  40.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "RBAC",
                                                        "ShortTitle":  "Ensure that no custom subscription owner roles are created",
                                                        "ServiceName":  "RBACCustomRoleService",
                                                        "ComplianceNumber":  "1600.1",
                                                        "PassedResourceCount":  2,
                                                        "TotalResourceCount":  2,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "UserPasswordExpirationEnabled",
                                                        "ShortTitle":  "Enforce the policy to set Password to ???always\u0027 expire in Azure Active Directory for all Organization Users",
                                                        "ServiceName":  "RBACService",
                                                        "ComplianceNumber":  "1600.4",
                                                        "PassedResourceCount":  51,
                                                        "TotalResourceCount":  51,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "UserUsingOrganizationAccountId",
                                                        "ShortTitle":  "Ensure that Azure resources are accessible only through Organization Account",
                                                        "ServiceName":  "RBACService",
                                                        "ComplianceNumber":  "1600.8",
                                                        "PassedResourceCount":  36,
                                                        "TotalResourceCount":  51,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Moderate",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "ExpiryorNearExpiryServicePrincipalId",
                                                        "ShortTitle":  "Ensure that Service Principal Certificate are renewed before it expires",
                                                        "ServiceName":  "AzureADApplicationsService",
                                                        "ComplianceNumber":  "1600.11",
                                                        "PassedResourceCount":  4,
                                                        "TotalResourceCount":  191,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "GuestUserId",
                                                        "ShortTitle":  "Ensure that there are no guest users",
                                                        "ServiceName":  "RBACService",
                                                        "ComplianceNumber":  "1600.12",
                                                        "PassedResourceCount":  16,
                                                        "TotalResourceCount":  51,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "High",
                                                        "RiskLevel":  "Red"
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Key Management",
                                   "ControlCategoryOrder":  8,
                                   "CategoryId":  "AZ_CSBP_Azure_Key_Management",
                                   "Total":  6,
                                   "Green":  0,
                                   "Red":  3,
                                   "Amber":  1,
                                   "Gray":  2,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "ExpiryorNearExpiryAzureADId",
                                                        "ShortTitle":  "Ensure that AD Application keys are rotated before they expires",
                                                        "ServiceName":  "AzureADApplicationsService",
                                                        "ComplianceNumber":  "1700.1",
                                                        "PassedResourceCount":  132,
                                                        "TotalResourceCount":  191,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Moderate",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "KeyVaultDiagnosticLogRetaintionDays",
                                                        "ShortTitle":  "Ensure that Diagnostics logs are set with a retention period of at least 365 days for Azure Key Vaults",
                                                        "ServiceName":  "KeyVaultDiagnosticService",
                                                        "ComplianceNumber":  "1700.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "KeyVaultSoftDelete",
                                                        "ShortTitle":  "Ensure that Soft Delete is enabled for Key Vault",
                                                        "ServiceName":  "KeyVaultDiagnosticService",
                                                        "ComplianceNumber":  "1700.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "KeyVaultVirtualNetworks",
                                                        "ShortTitle":  "Ensure mission critical Azure KeyVaults are not open to the Internet",
                                                        "ServiceName":  "KeyVaultDiagnosticService",
                                                        "ComplianceNumber":  "1700.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "KeyVaultSecretsKeyId",
                                                        "ShortTitle":  "Ensure that the expiry date is set on all Secrets in a Key Vault",
                                                        "ServiceName":  "KeyVaultService",
                                                        "ComplianceNumber":  "1700.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "KeyVaultKeysExpId",
                                                        "ShortTitle":  "Ensure that the expiration date is set on all keys",
                                                        "ServiceName":  "KeyVaultService",
                                                        "ComplianceNumber":  "1700.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Kubernetes \u0026 Containers",
                                   "ControlCategoryOrder":  9,
                                   "CategoryId":  "AZ_CSBP_Azure_Kubernetes_Containers",
                                   "Total":  6,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  6,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "KubernetesClustersRBAC",
                                                        "ShortTitle":  "Ensure Azure Active Directory RBAC is enabled for Azure Kubernetes Services (AKS)",
                                                        "ServiceName":  "KubernetesClustersService",
                                                        "ComplianceNumber":  "1800.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "KubernetesClustersAADProfile",
                                                        "ShortTitle":  "Ensure that AAD is enabled in Kubernetes Service",
                                                        "ServiceName":  "KubernetesClustersService",
                                                        "ComplianceNumber":  "1800.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "KubernetesClustersOmsAgent",
                                                        "ShortTitle":  "Ensure that Monitoring is enabled for Azure Kubernetes Service",
                                                        "ServiceName":  "KubernetesClustersService",
                                                        "ComplianceNumber":  "1800.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "KubernetesClustersLatestVersion",
                                                        "ShortTitle":  "Ensure Azure Kubernetes Service clusters are always running with latest Kubernetes versions",
                                                        "ServiceName":  "KubernetesClustersService",
                                                        "ComplianceNumber":  "1800.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "KubernetesClustersSystemUpdate",
                                                        "ShortTitle":  "Ensure that latest system updates are applied to all Azure Kubernetes Cluster nodes",
                                                        "ServiceName":  "KubernetesClustersNodeService",
                                                        "ComplianceNumber":  "1800.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "KubernetesClustersDiagnosticSettings",
                                                        "ShortTitle":  "Ensure that Diagnostics logs must be enabled with a retention period of at least 365 days for Azure Kubernetes Service",
                                                        "ServiceName":  "KubernetesClustersService",
                                                        "ComplianceNumber":  "1800.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Logging and Auditing",
                                   "ControlCategoryOrder":  10,
                                   "CategoryId":  "AZ_CSBP_Azure_Logging_Auditing",
                                   "Total":  24,
                                   "Green":  3,
                                   "Red":  15,
                                   "Amber":  1,
                                   "Gray":  5,
                                   "CompliancePercent":  15.7894726,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "LogProfileExistsId",
                                                        "ShortTitle":  "Ensure that a Log Profile exists for Azure Monitor",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.3",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "ActivityLogRetentionId",
                                                        "ShortTitle":  "Ensure that retention period is set to 365 days or greater for Activity Logs",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.4",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "ActivityLogAlertExistsId",
                                                        "ShortTitle":  "Ensure that Activity Log Alert exists for Create Policy Assignment",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGActivityLogAlertCreateId",
                                                        "ShortTitle":  "Ensure Activity Log Alert exists for Create or Update Network Security Group",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGActivityLogAlertDeleteId",
                                                        "ShortTitle":  "Ensure Activity Log Alert exists for Delete Network Security Group",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGRuleActivityLogAlertCreateId",
                                                        "ShortTitle":  "Ensure Activity Log Alert exists for Create or Update Network Security Group Rule",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGRuleActivityLogAlertDeleteId",
                                                        "ShortTitle":  "Ensure Activity Log Alert exists for Delete Network Security Group Rule",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SecuritySolutionActivityLogAlertCreateId",
                                                        "ShortTitle":  "Ensure Activity Log Alert exists for Create or Update Security Solution",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.10",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SecuritySolutionActivityLogAlertDeleteId",
                                                        "ShortTitle":  "Ensure Activity Log Alert exists for Delete Security Solution",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.11",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SQLFirewallActivityLogAlertCreateId",
                                                        "ShortTitle":  "Ensure Activity Log Alert(s) have configured for Create or Update SQL Server Firewall Rule",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.12",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SQLFirewallActivityLogAlertDeleteId",
                                                        "ShortTitle":  "Ensure Activity Log Alert exists for Delete SQL Server Firewall Rule",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.13",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SecurityPolicyActivityLogAlertCreateId",
                                                        "ShortTitle":  "Ensure Activity Log Alert exists for Update Security Policy",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.14",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "KeyVaultLogRetaintionDaysKeyId",
                                                        "ShortTitle":  "Ensure that Logging is enabled for Azure Key Vault",
                                                        "ServiceName":  "KeyVaultDiagnosticService",
                                                        "ComplianceNumber":  "1900.15",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "LogAnalyticsRetention",
                                                        "ShortTitle":  "Ensure that data retention period is set to 365 days or longer for Log Analytics",
                                                        "ServiceName":  "LogAnalyticsService",
                                                        "ComplianceNumber":  "1900.20",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "AuditProfileCapturesAllActivitiesId",
                                                        "ShortTitle":  "Ensure Audit Profile captures all the Activities",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.21",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "AuditProfileCapturesActivityLogsForAllRegionId",
                                                        "ShortTitle":  "Ensure Log Profile captures activity logs for all Regions including global",
                                                        "ServiceName":  "ActivityLogProfileServiceRegion",
                                                        "ComplianceNumber":  "1900.22",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  41,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageAccountContainerPrivateAccessId",
                                                        "ShortTitle":  "Ensure Storage Container storing activity logs is not Publicly accessible",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.23",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageAccountEncryptionBYOKId",
                                                        "ShortTitle":  "Ensure the storage account containing the container with activity logs is encrypted with BYOK",
                                                        "ServiceName":  "ActivityLogProfileService",
                                                        "ComplianceNumber":  "1900.24",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "CosmosDbGDREnabledRule",
                                                        "ShortTitle":  "Ensure that \u0027Geo replication\u0027 is enabled for Cosmos DB",
                                                        "ServiceName":  "CosmosDBService",
                                                        "ComplianceNumber":  "1900.25",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  2,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "AvailabilityWebTest",
                                                        "ShortTitle":  "Ensure that \u0027Availability Web Tests\u0027 are configured for Azure Web Apps",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1900.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "AppServiceAuditAndMonitor",
                                                        "ShortTitle":  "Ensure that Auditing and Monitoring is enabled for App Service",
                                                        "ServiceName":  "AppService",
                                                        "ComplianceNumber":  "1900.16",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MobileAppAuditAndMonitor",
                                                        "ShortTitle":  "Ensure that Auditing and Monitoring is enabled for Mobile App",
                                                        "ServiceName":  "MobileAppService",
                                                        "ComplianceNumber":  "1900.17",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "APIAppAuditAndMonitor",
                                                        "ShortTitle":  "Ensure that Auditing and Monitoring is enabled for API App",
                                                        "ServiceName":  "ApiAppService",
                                                        "ComplianceNumber":  "1900.18",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "FuncAppAuditAndMonitor",
                                                        "ShortTitle":  "Ensure that Auditing and Monitoring is enabled for Function App",
                                                        "ServiceName":  "FunctionAppService",
                                                        "ComplianceNumber":  "1900.19",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Networking",
                                   "ControlCategoryOrder":  11,
                                   "CategoryId":  "AZ_CSBP_Azure_Networking",
                                   "Total":  44,
                                   "Green":  36,
                                   "Red":  5,
                                   "Amber":  0,
                                   "Gray":  3,
                                   "CompliancePercent":  87.80488,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "NSGRulesForSubnetsId",
                                                        "ShortTitle":  "Ensure that inbound and outbound traffic rules are configured for Subnets by associating NSGs to Subnets",
                                                        "ServiceName":  "NSGRulesForSubnetsService",
                                                        "ComplianceNumber":  "2000.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGDenyAllRuleId",
                                                        "ShortTitle":  "Ensure that DenyAll rule is configured for all NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.3",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGRulesForRDPId",
                                                        "ShortTitle":  "Ensure that RDP access is restricted from the internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGRulesForSSHId",
                                                        "ShortTitle":  "Ensure that SSH access is restricted from the internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.7",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NetworkWatcherId",
                                                        "ShortTitle":  "Ensure that Network Watcher is \u0027Enabled\u0027",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2000.8",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "VNETDdosProtectionId",
                                                        "ShortTitle":  "Ensure that DDOS protection is enabled for Virtual Network",
                                                        "ServiceName":  "NetworkService",
                                                        "ComplianceNumber":  "2000.10",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGRuleForFlowLogId",
                                                        "ShortTitle":  "Ensure that Flow Log Status is set to On for Network Security Groups",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.11",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP8000RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027Known internal web port\u0027 (TCP:8000) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.12",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP8080RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027Known internal web port\u0027 (TCP:8080) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.13",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressUDP137RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027NetBIOS Name Service\u0027 (UDP:137) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.14",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressUDP138RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027NetBios Datagram Service\u0027 (UDP:138) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.15",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressUDP139RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027NetBios Datagram Service\u0027 (UDP:139) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.16",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressUDP161RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027SNMP\u0027 (UDP:161) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.17",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP9090RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to CiscoSecure,websm (TCP:9090) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.18",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP7001RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to  \u0027Cassandra\u0027 (TCP:7001) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.19",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP1433RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027MSSQL Server\u0027 (TCP:1433) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.20",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP3306RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027MySQL\u0027 (TCP:3306) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.21",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP5432RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027Postgres SQL\u0027 (TCP:5432) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.22",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP2383RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027SQL Server Analysis Services\u0027 (TCP:2383) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.23",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP9042RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Cassandra Client (TCP:9042) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.24",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP7000RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Cassandra Internode Communication (TCP:7000) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.25",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP7199RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to  Cassandra Monitoring (TCP:7199) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.26",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP61620RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Cassandra OpsCenter Monitoring (TCP:61620) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.27",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP8888RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Cassandra OpsCenter Website (TCP:8888) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.28",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP9160RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Cassandra Thrift (TCP:9160) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.29",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP9200RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Elastic search (TCP:9200) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.30",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP9300RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Elastic search (TCP:9300) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.31",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressUDP389RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to LDAP (UDP:389) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.32",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP11211RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Memcached (TCP:11211) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.33",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressUDP11211RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Memcached (UDP:11211) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.34",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP27017RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Mongo (TCP:27017) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.35",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP1521RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Oracle DB (TCP:1521) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.36",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP2483RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Oracle DB (TCP:2483) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.37",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressUDP2483RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Oracle DB (UDP:2483) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.38",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP6379RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Redis (TCP:6379) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.39",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP3389RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Remote Desktop (TCP:3389) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.40",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP22RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to SSH (TCP:22) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.41",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressBitcoinPortRuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to bitcoin ports (TCP 8332 and 8333) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.47",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressEtheriumPortRuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to Ethereum port (TCP 8545) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.48",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP110RuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to \u0027POP3\u0027 (TCP:110) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.49",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressTCP25PortRuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to SMTP (TCP:25) is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.50",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBServerDenyIngressEgressId",
                                                        "ShortTitle":  "Ensure no SQL Databases allow ingress 0.0.0.0/0 (ANY IP)",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2000.9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VNETPublicIpAddressRestrictedTo3",
                                                        "ShortTitle":  "Ensure that less than 3 Public IP\u0027s (i.e. NIC\u0027s with Public IP) are used for Virtual Network",
                                                        "ServiceName":  "NicService",
                                                        "ComplianceNumber":  "2000.43",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "NSGIngressManagementPortRuleId",
                                                        "ShortTitle":  "Ensure that ingress traffic to management ports is restricted from the public internet on NSG\u0027s",
                                                        "ServiceName":  "VirtualNetworkService",
                                                        "ComplianceNumber":  "2000.46",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Security Center",
                                   "ControlCategoryOrder":  12,
                                   "CategoryId":  "AZ_CSBP_Azure_Security_Center",
                                   "Total":  121,
                                   "Green":  6,
                                   "Red":  115,
                                   "Amber":  0,
                                   "Gray":  0,
                                   "CompliancePercent":  4.958678,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "AADAuthenticationInServiceFabricId",
                                                        "ShortTitle":  "Ensure that AAD authentication in Service Fabric is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "AADAuthenticationInSqlServerId",
                                                        "ShortTitle":  "Ensure that AAD authentication in SQL server is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "AdaptiveAppControl",
                                                        "ShortTitle":  "Ensure that monitor of Adaptive Application whitelisting is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "BasicsEnableDataCollectionId",
                                                        "ShortTitle":  "Ensure that Automatic Provisioning of monitoring agent is set to On in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.4",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "ClusterProtectionLevelInServiceFabricId",
                                                        "ShortTitle":  "Ensure that Cluster Protection level in Service Fabric is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInBatchAccountId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Batch Account is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInDataLakeAnalyticsId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Data Lake Analytics is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInDataLakeStoreId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Data Lake Store is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInEventHubId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Event Hub is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInKeyVaultId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Key Vault is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.10",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInLogicAppsId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Logic Apps is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.11",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInRedisCacheId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Redis Cache is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.12",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInSearchServiceId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Search Service is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.13",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInServiceBusId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Service Bus is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.14",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInServiceFabricId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Virtual Machine Scale Sets is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.15",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInStreamAnalyticsId",
                                                        "ShortTitle":  "Ensure that diagnostics logs in Stream Analytics is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.16",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DisableUnrestrictedNetworkToStorageAccountId",
                                                        "ShortTitle":  "Ensure that disable unrestricted network to storage account is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.17",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DiskEncryptionRecommendationId",
                                                        "ShortTitle":  "Ensure that monitor disk encryption is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.18",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityDesignateLessThanOwnersId",
                                                        "ShortTitle":  "Designate up to 3 subscription owners is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.20",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityDesignateMoreThanOneOwnerId",
                                                        "ShortTitle":  "Designate more than one subscription owner is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.21",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityEnableMFAForOwnerPermissionsId",
                                                        "ShortTitle":  "Ensure that MFA is enabled for all subscription accounts with owner permissions in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.22",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityEnableMFAForReadPermissionsId",
                                                        "ShortTitle":  "Ensure that MFA is enabled for all subscription accounts with read permissions in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.23",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityEnableMFAForWritePermissionsId",
                                                        "ShortTitle":  "Ensure that MFA is enabled for all subscription accounts with write permissions in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.24",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityRemoveDeprecatedAccountId",
                                                        "ShortTitle":  "Ensure that deprecated accounts is removed on subscription are set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.25",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityRemoveDeprecatedAccountWithOwnerPermissionsId",
                                                        "ShortTitle":  "Ensure that deprecated accounts with owner permissions are removed from subscription is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.26",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityRemoveExternalAccountWithOwnerPermissionsId",
                                                        "ShortTitle":  "Ensure that external accounts with owner permissions are removed from subscription is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.27",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityRemoveExternalAccountWithReadPermissionsId",
                                                        "ShortTitle":  "Ensure that external accounts with read permissions are removed from subscription is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.28",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "IdentityRemoveExternalAccountWithWritePermissionsId",
                                                        "ShortTitle":  "Ensure that external accounts with write permissions are removed from subscription is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.29",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "JITNetworkAccessRecommendationId",
                                                        "ShortTitle":  "Ensure that JIT network access policy is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.30",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "MetricAlertsInBatchAccountId",
                                                        "ShortTitle":  "Ensure that metric alerts in Batch account is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.31",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "NamespaceAuthorizationRulesInServiceBusId",
                                                        "ShortTitle":  "Ensure that namespace authorization rules in service bus is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.32",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "NetworkSecurityGroupsRecommendationId",
                                                        "ShortTitle":  "Ensure that monitoring of network security groups is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.33",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "NextGenerationFirewallRecommendationId",
                                                        "ShortTitle":  "Ensure that next generation firewall is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.34",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "OSVulnerabilitiesRecommendationId",
                                                        "ShortTitle":  "Ensure that monitoring of OS vulnerabilities is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.35",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SecureTransferToStorageAccountId",
                                                        "ShortTitle":  "Ensure that secure transfer to storage account is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.36",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SecurityContactEmailsId",
                                                        "ShortTitle":  "Ensure that security contact email is provided in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.37",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "securityContactPhoneNumberId",
                                                        "ShortTitle":  "Ensure that phone number is provided in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.38",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SendAlertsEmailsId",
                                                        "ShortTitle":  "Ensure that alert notification is set to On in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.39",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SendEmailToSubscriptionOwnersId",
                                                        "ShortTitle":  "Ensure that email notification is set to On to subscription owners in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.40",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "SQLAuditingThreatDetectionRecommendationId",
                                                        "ShortTitle":  "Ensure that monitoring of SQL auditing is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.41",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SqlDbVulnerabilityAssesmentId",
                                                        "ShortTitle":  "Ensure that SqlDb Vulnerability Assessment is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.42",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SQLEncryptionRecommendationId",
                                                        "ShortTitle":  "Ensure that monitor SQL encryption is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.43",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageEncryptionRecommendationId",
                                                        "ShortTitle":  "Ensure that monitor storage blob encryption is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.44",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SystemUpdatesRecommendationId",
                                                        "ShortTitle":  "Ensure that monitor system updates is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.45",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "VMStandardPricingtierId",
                                                        "ShortTitle":  "Ensure that in ASC standard tier is selected",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.46",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "VulnerabilityAssessmentRecommendationId",
                                                        "ShortTitle":  "Ensure that vulnerability assessment is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.47",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "WebApplFirewallRecommendationId",
                                                        "ShortTitle":  "Ensure that web application firewall is set to enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.48",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "RestrictAccessToAppServicesMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of permissive network access to app-services is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.49",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SqlManagedInstanceAdvancedDataSecurityId",
                                                        "ShortTitle":  "Ensure that monitoring of SQL managed instances without Advanced Data Security is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.50",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SqlServerAdvancedDataSecurityMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of SQL managed server without Advanced Data Security is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.51",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "ThreatDetectionOnManagedInstanceId",
                                                        "ShortTitle":  "Ensure that all Advanced Threat Protection types on SQL managed instance is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.52",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "ThreatDetectionTypesOnServerMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that all Advanced Threat Protection types on SQL server is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.53",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "AccessRulesInEventHubNamespaceMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of access rules in Event Hub namespaces is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.54",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppEnforceHttpsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of the use of HTTPS in API app is enable in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.55",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SqlServerAuditingActionsAndGroupsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of auditing policy Action-Groups and Actions setting is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.56",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SqlServerAuditingMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that the Audit monitoring of SQL Servers is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.57",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "UseRbacRulesMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of using built-in RBAC rules is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.58",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "AccessRulesInEventHubMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of access rules in Event Hubs is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.59",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "KubernetesServiceAuthorizedIPRangesEnabledId",
                                                        "ShortTitle":  "Ensure that monitoring of Kubernetes Services without authorized IP ranges is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.60",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "EncryptionOfAutomationAccountMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of Automation Account Encryption is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.61",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppRestrictCORSAccessMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of CORS restrictions for API App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.62",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppRestrictCORSAccessId",
                                                        "ShortTitle":  "Ensure that monitoring of CORS restrictions for Function App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.63",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppRestrictCORSAccessMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of CORS restrictions for Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.64",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "vnetEnableDDoSProtectionMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of DDoS protection for virtual network is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.65",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInSelectiveAppServicesMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of diagnostics logs in selective app services is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.66",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInIoTHubMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of diagnostic logs in IoT Hubs is enabled in ASC ",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.67",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SecurityCentreEndpointprotectionOnVMscalesetId",
                                                        "ShortTitle":  "Ensure that endpoint protection monitoring for virtual machine scale sets is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.68",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SqlServerAdvancedDataSecurityEmailId",
                                                        "ShortTitle":  "Ensure that \u0027Send alerts to\u0027 is set in SQL server Advanced Data Security settings is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.69",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppEnforceHttpsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of the use of HTTPS in function app is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.70",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DisableIPForwardingMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that IP Forwarding monitoring on virtual machines is disabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.71",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "EnabledJITNetworkAccessControlId",
                                                        "ShortTitle":  "Ensure that monitoring of network just In time access is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.72",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "RestrictAccessToManagementPortsId",
                                                        "ShortTitle":  "Ensure that monitoring of Open Management Ports on virtual machines is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.73",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppConfigureIPRestrictionsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of IP restrictions for API App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.74",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppConfigureIPRestrictionsId",
                                                        "ShortTitle":  "Ensure that monitoring of IP restrictions for Function App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.75",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppConfigureIPRestrictionsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of IP restrictions for Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.76",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInAppServiceMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of diagnostics logs in App Services is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.77",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppDisableWebSocketsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of web sockets for API App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.78",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppDisableWebSocketsMonitorinId",
                                                        "ShortTitle":  "Ensure that monitoring of web sockets for Function App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.79",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppDisableWebSocketsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of web sockets for Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.80",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "EndpointProtectionMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of Endpoint Protection is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.81",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppUsedCustomDomainsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of custom domain use in API App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.82",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppUsedCustomDomainsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of custom domain use in Function App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.83",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppUsedCustomDomainsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of custom domain use in Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.84",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppUsedLatestDotNetMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of .Net version in API App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.85",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppUsedLatestDotNetMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of .Net version in Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.86",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppUsedLatestJavaMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of Java version in API App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.87",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppUsedLatestJavaMonitoringEffect",
                                                        "ShortTitle":  "Ensure that monitoring of Java version in web app is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.88",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppUsedLatestNodeJsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of Node.js version in Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.89",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppUsedLatestPHPMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of PHP version in the API App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.90",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppUsedLatestPHPMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of PHP version in Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.91",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppUsedLatestPythonMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of Python version in API App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.92",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppUsedLatestPythonMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of Python version in Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.93",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "AdaptiveNetworkHardeningsId",
                                                        "ShortTitle":  "Ensure that monitoring of Internet-facing VM for NSG traffic hardening is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.94",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "NetworkSecurityGroupsOnVirtualMachinesMonitoringEffect",
                                                        "ShortTitle":  "Ensure that monitoring of NSG for virtual machines is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.95",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "networkSecurityGroupsOnSubnetsMonitoringEffect",
                                                        "ShortTitle":  "Ensure that monitoring of NSG for Subnet is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.96",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "KubernetesServicePspEnabledMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of Kubernetes Services without pod security policy is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.97",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "ApiAppDisableRemoteDebuggingId",
                                                        "ShortTitle":  "Ensure that monitoring of remote debugging for API App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.98",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "FunctionAppDisableRemoteDebuggingId",
                                                        "ShortTitle":  "Ensure that monitoring of remote debugging for Function App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.99",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppDisableRemoteDebuggingMonitoringId",
                                                        "ShortTitle":  "Ensure that monitoring of remote debugging for Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.100",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "LogsInBatchAccountRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days for Batch accounts is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.101",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInSearchServiceRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days in Azure Search service is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.102",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInDataLakeAnalyticsRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days in Data Lake Analytics is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.103",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInDataLakeStoreRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days in Data Lake Store accounts is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.104",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInEventHubRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days in Event Hub accounts is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.105",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInIoTHubRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days in IoT Hub accounts is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.106",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInKeyVaultRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days in Key Vault vaults is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.107",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInLogicAppsRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days in Logic Apps workflows is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.108",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInServiceBusRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days in Service Bus is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.109",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "DiagnosticsLogsInStreamAnalyticsRetentionDaysId",
                                                        "ShortTitle":  "Ensure that required diagnostic logs retention period in days in Stream Analytics is set in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.110",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "kubernetesServiceRbacEnabledMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of Kubernetes Services without RBAC is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.111",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SqlDbDataClassificationMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of sensitive data is classified on SQL database is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.112",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SqlInstanceDataSecurityEmailAdminsId",
                                                        "ShortTitle":  "Ensure that monitoring of SQL managed instances alerts being sent to admins and subscription owners is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.113",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "ClassicStorageAccountsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of classic storage accounts migration to ARM is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.114",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "VMssSystemUpdatesMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that reporting of system updates in virtual machine scale sets is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.115",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "SqlDbEncryptionMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of unencrypted SQL databases is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.116",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "ClassicComputeVMsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of classic virtual machines is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.117",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "VMssOsVulnerabilitiesMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that OS vulnerabilities monitoring for virtual machine scale sets is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.118",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "VulnerabilityAssesmentMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that the detection of VM vulnerabilities by a Vulnerability Assessment solution is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.119",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "VulnerabilityAssessmentOnManagedInstanceId",
                                                        "ShortTitle":  "Ensure that Vulnerability Assessment on your SQL managed instances is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.120",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "vulnerabilityAssessmentOnServerMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that Vulnerability Assessment on your SQL servers is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.121",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "WebAppEnforceHttpsMonitoringEffectId",
                                                        "ShortTitle":  "Ensure that monitoring of the use of HTTPS in Web App is enabled in ASC",
                                                        "ServiceName":  "BasicsEnableDataCollectionService",
                                                        "ComplianceNumber":  "2100.122",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  1,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Azure - Storage and Databases",
                                   "ControlCategoryOrder":  13,
                                   "CategoryId":  "AZ_CSBP_Azure_Storage_Databases",
                                   "Total":  50,
                                   "Green":  7,
                                   "Red":  1,
                                   "Amber":  4,
                                   "Gray":  38,
                                   "CompliancePercent":  58.3333321,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "DataAtRestStorageAccountsId",
                                                        "ShortTitle":  "Ensure that encryption is enabled for Azure Storage Service",
                                                        "ServiceName":  "DataAtRestStorageAccountsService",
                                                        "ComplianceNumber":  "2200.1",
                                                        "PassedResourceCount":  3,
                                                        "TotalResourceCount":  3,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageSecureTransferRequiredId",
                                                        "ShortTitle":  "Ensure that \u0027Secure transfer required\u0027 is \u0027Enabled\u0027 for Storage Account",
                                                        "ServiceName":  "DataAtRestStorageAccountsService",
                                                        "ComplianceNumber":  "2200.10",
                                                        "PassedResourceCount":  3,
                                                        "TotalResourceCount":  3,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageBlobServiceEncryptionId",
                                                        "ShortTitle":  "Ensure that \u0027Storage service encryption\u0027 is set to Enabled for Blob Service",
                                                        "ServiceName":  "DataAtRestStorageAccountsService",
                                                        "ComplianceNumber":  "2200.11",
                                                        "PassedResourceCount":  3,
                                                        "TotalResourceCount":  3,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageFileServiceEncryptionId",
                                                        "ShortTitle":  "Ensure that \u0027Storage service encryption\u0027 is set to Enabled for File Service",
                                                        "ServiceName":  "DataAtRestStorageAccountsService",
                                                        "ComplianceNumber":  "2200.12",
                                                        "PassedResourceCount":  3,
                                                        "TotalResourceCount":  3,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageGeoRedundantId",
                                                        "ShortTitle":  "Ensure that \u0027Geo-redundant\u0027 is enabled for Azure Storage",
                                                        "ServiceName":  "DataAtRestStorageAccountsService",
                                                        "ComplianceNumber":  "2200.14",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  3,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "High",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "TagsComplianceStorageAccountsDataProfileId",
                                                        "ShortTitle":  "Ensure that DataProfile tag has been applied for Azure Storage",
                                                        "ServiceName":  "DataAtRestStorageAccountsService",
                                                        "ComplianceNumber":  "2200.29",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  3,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  "High",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "CosmosDbFirewallEnabledRule",
                                                        "ShortTitle":  "Ensure that firewall is enabled for Cosmos DB",
                                                        "ServiceName":  "CosmosDBService",
                                                        "ComplianceNumber":  "2200.34",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  2,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  "Moderate",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "CosmosDbFailoverEnabledRule",
                                                        "ShortTitle":  "Ensure that failover is enabled for Cosmos DB",
                                                        "ServiceName":  "CosmosDBService",
                                                        "ComplianceNumber":  "2200.35",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  2,
                                                        "Compliance":  "Red",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "Certain",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageNetworkAccessSelectAllRule",
                                                        "ShortTitle":  "Ensure default network access rule for Storage Accounts is set to deny",
                                                        "ServiceName":  "DataAtRestStorageAccountsService",
                                                        "ComplianceNumber":  "2200.36",
                                                        "PassedResourceCount":  1,
                                                        "TotalResourceCount":  3,
                                                        "Compliance":  "Amber",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "High",
                                                        "RiskLevel":  "Red"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageTrustedNetworkServiceId",
                                                        "ShortTitle":  "Ensure \u0027Trusted Microsoft Services\u0027 is enabled for Storage Account access",
                                                        "ServiceName":  "DataAtRestStorageAccountsService",
                                                        "ComplianceNumber":  "2200.44",
                                                        "PassedResourceCount":  3,
                                                        "TotalResourceCount":  3,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "CosmosDbConsistencyLevelOtherThanEventual",
                                                        "ShortTitle":  "Ensure that \u0027Eventual\u0027 consistency is disabled for Cosmos DB",
                                                        "ServiceName":  "CosmosDBService",
                                                        "ComplianceNumber":  "2200.50",
                                                        "PassedResourceCount":  2,
                                                        "TotalResourceCount":  2,
                                                        "Compliance":  "Green",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Green"
                                                    },
                                                    {
                                                        "PolicyId":  "StorageAccountATPId",
                                                        "ShortTitle":  "Ensure Advanced Threat Protection is enabled for Storage Accounts",
                                                        "ServiceName":  "DataAtRestStorageAccountsService",
                                                        "ComplianceNumber":  "2200.51",
                                                        "PassedResourceCount":  3,
                                                        "TotalResourceCount":  3,
                                                        "Compliance":  "Green",
                                                        "Severity":  "High",
                                                        "RiskProbability":  "NotLikely",
                                                        "RiskLevel":  "Amber"
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBTransparentDataEncryptionId",
                                                        "ShortTitle":  "Ensure that \u0027Data encryption\u0027 is set to \u0027On\u0027 for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBAuditingId",
                                                        "ShortTitle":  "Ensure that \u0027Auditing\u0027 is set to \u0027On\u0027 for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBServerAuditingId",
                                                        "ShortTitle":  "Ensure that \u0027Auditing\u0027 is set to \u0027On\u0027 for SQL Server",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SqlDbSetSendAlertsToRule",
                                                        "ShortTitle":  "Ensure that \u0027Send alerts to\u0027 is set for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLServerThreadDetectionTypeAll",
                                                        "ShortTitle":  "Ensure that \u0027Threat Detection types\u0027 is set to \u0027All\u0027 for SQL Server",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SqlServerSetSendAlertsToRule",
                                                        "ShortTitle":  "Ensure that \u0027Send alerts to\u0027 is set for SQL Server",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SqlServerEnableCoAdminRule",
                                                        "ShortTitle":  "Ensure that \u0027Email service and co-administrators\u0027 is \u0027Enabled\u0027 for SQL Server",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SqlDbEnableCoAdminRule",
                                                        "ShortTitle":  "Ensure that \u0027Email service and co-administrators\u0027 is \u0027Enabled\u0027 for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "StoragePublicAccessLevelId",
                                                        "ShortTitle":  "Ensure that \u0027Public access level\u0027 is set to Private for Blob Containers",
                                                        "ServiceName":  "StorageBlobService",
                                                        "ComplianceNumber":  "2200.13",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBThreatDetectionPolicyId",
                                                        "ShortTitle":  "Ensure that \u0027Threat Detection\u0027 is set to \u0027On\u0027 for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.15",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBThreatDetectionTypeAllId",
                                                        "ShortTitle":  "Ensure that \u0027Threat Detection types\u0027 is set to \u0027All\u0027 for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.16",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLServerFirewallRuleAppropriateId",
                                                        "ShortTitle":  "Ensure that firewall rules are set as appropriate for SQL Servers",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.17",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLServerAuditingRetentionId",
                                                        "ShortTitle":  "Ensure that \u0027Auditing\u0027 Retention is \u0027greater than 90 days\u0027 for SQL Servers",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.18",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLServerThreadRetentionId",
                                                        "ShortTitle":  "Ensure that \u0027Threat Detection\u0027 Retention is \u0027greater than 90 days\u0027 for SQL Server",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.19",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLServerAdminSetId",
                                                        "ShortTitle":  "Ensure that Azure Active Directory Admin is configured for SQL Server",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.21",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBThreatretention",
                                                        "ShortTitle":  "Ensure that \u0027Threat\u0027 Retention is \u0027greater than 90 days\u0027 for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.22",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBServerThreatDetectionPolicyId",
                                                        "ShortTitle":  "Ensure that \u0027Advanced Data Security\u0027 on a SQL server is set to \u0027On\u0027",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.23",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBDataMaskingId",
                                                        "ShortTitle":  "Ensure that \u0027Data Masking\u0027 is enabled for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.24",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBGeoReplicationId",
                                                        "ShortTitle":  "Ensure that \u0027Geo replication\u0027 is enabled for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.25",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDBDiagnosticsId",
                                                        "ShortTitle":  "Ensure that Diagnostics is enabled for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.26",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "TagsComplianceDBDataProfileId",
                                                        "ShortTitle":  "Ensure that DataProfile tag has been applied for SQL Databases",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.27",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "TagsComplianceDBServerDataProfileId",
                                                        "ShortTitle":  "Ensure that DataProfile tag has been applied for SQL DB Servers",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.28",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SqlDwFirewallEnabledRule",
                                                        "ShortTitle":  "Ensure that firewall is enabled for SQL Data Warehouse",
                                                        "ServiceName":  "SqlDataWarehouseService",
                                                        "ComplianceNumber":  "2200.30",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SqlDwThreatDetEnabledRule",
                                                        "ShortTitle":  "Ensure that threat detection is enabled for SQL Data Warehouse",
                                                        "ServiceName":  "SqlDataWarehouseService",
                                                        "ComplianceNumber":  "2200.31",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SqlDwAuditingEnabledRule",
                                                        "ShortTitle":  "Ensure that auditing is enabled for SQL Data Warehouse",
                                                        "ServiceName":  "SqlDataWarehouseService",
                                                        "ComplianceNumber":  "2200.32",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SqlDwEncryptionEnabledRule",
                                                        "ShortTitle":  "Ensure that encryption is enabled for SQL Data Warehouse",
                                                        "ServiceName":  "SqlDataWarehouseService",
                                                        "ComplianceNumber":  "2200.33",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "PostgreSQLLogRetention",
                                                        "ShortTitle":  "Ensure server parameter \u0027log_retention_days\u0027 is greater than 3 days for PostgreSQL Database Server",
                                                        "ServiceName":  "PostgreSQLService",
                                                        "ComplianceNumber":  "2200.37",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "PostgreSQLConnectionThrottling",
                                                        "ShortTitle":  "Ensure server parameter \u0027connection_throttling\u0027 is set to \u0027ON\u0027 for PostgreSQL Database Server",
                                                        "ServiceName":  "PostgreSQLService",
                                                        "ComplianceNumber":  "2200.38",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "PostgreSQLLogDuration",
                                                        "ShortTitle":  "Ensure server parameter \u0027log_duration\u0027 is set to \u0027ON\u0027 for PostgreSQL Database Server",
                                                        "ServiceName":  "PostgreSQLService",
                                                        "ComplianceNumber":  "2200.39",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "PostgreSQLLogDisconnetion",
                                                        "ShortTitle":  "Ensure server parameter \u0027log_disconnections\u0027 is set to \u0027ON\u0027 for PostgreSQL Database Server",
                                                        "ServiceName":  "PostgreSQLService",
                                                        "ComplianceNumber":  "2200.40",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "PostgreSQLLogConnection",
                                                        "ShortTitle":  "Ensure server parameter \u0027log_connections\u0027 is set to \u0027ON\u0027 for PostgreSQL Database Server",
                                                        "ServiceName":  "PostgreSQLService",
                                                        "ComplianceNumber":  "2200.41",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "PostgreSQLSSLConnection",
                                                        "ShortTitle":  "Ensure \u0027Enforce SSL connection\u0027 is set to \u0027ENABLED\u0027 for PostgreSQL Database Server",
                                                        "ServiceName":  "PostgreSQLService",
                                                        "ComplianceNumber":  "2200.42",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "PostgreSQLLogCheckpoints",
                                                        "ShortTitle":  "Ensure server parameter \u0027log_checkpoints\u0027 is set to \u0027ON\u0027 for PostgreSQL Database Server",
                                                        "ServiceName":  "PostgreSQLService",
                                                        "ComplianceNumber":  "2200.43",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLServerTDEEncryptionId",
                                                        "ShortTitle":  "Ensure SQL server\u0027s TDE protector is encrypted with BYOK",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.45",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Critical",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLServerAuditActionGroupsId",
                                                        "ShortTitle":  "Ensure that \u0027AuditActionGroups\u0027 in \u0027auditing\u0027 policy for a SQL server is set properly",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.46",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "MySQLDatabaseServerSSLId",
                                                        "ShortTitle":  "Ensure \u0027Enforce SSL connection\u0027 is set to \u0027ENABLED\u0027 for MySQL Database Server",
                                                        "ServiceName":  "MySQLDatabaseServerService",
                                                        "ComplianceNumber":  "2200.47",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLDatabaseAuditingRetentionId",
                                                        "ShortTitle":  "Ensure that \u0027Auditing\u0027 Retention is \u0027greater than 90 days\u0027 for SQL Database",
                                                        "ServiceName":  "SQLDBAuditingService",
                                                        "ComplianceNumber":  "2200.48",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "SQLServerAzureServiceAccessId",
                                                        "ShortTitle":  "Ensure the \u0027Allow access to Azure services\u0027 flag is disabled for SQL Server",
                                                        "ServiceName":  "SQLDBServerAuditingService",
                                                        "ComplianceNumber":  "2200.49",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Win OS-12R2 - Audit Policy",
                                   "ControlCategoryOrder":  14,
                                   "CategoryId":  "AZ_CSBP_12R2_Audit_Policy",
                                   "Total":  49,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  49,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBa41cbeed_d66b_4020_8a10_9a78a135b523",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Account Logon: Credential Validation",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37741-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB97BB0A80_31F3_4B71_A08D_D71C49D586E3",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Audit Application Group Management\u0027 is set",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38329-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBbfbcf6a4_5918_43d6_b227_3eb743c42fc6",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Account Management: Other Account Management Events",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37855-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd6bca841_8cbc_4e0b_a7cc_0d267033cf46",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Account Management: Security Group Management",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38034-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd07a36dc_de05_4842_9a11_22d2b3411127",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Account Management: User Account Management",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37856-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb566ed34_277a_420f_9070_1a004fceea77",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Detailed Tracking: Process Creation",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36059-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBebad0dce_6521_48a5_b940_e83a03f237f6",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Logon-Logoff: Account Lockout",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37133-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB41f6a2e9_03b1_4d32_a026_91ef6899024f",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Logon-Logoff: Logoff",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38237-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB213b1b6e_523a_4a42_bc8f_1f4276ef59c7",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Logon-Logoff: Logon",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38036-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB054AB833_273A_498B_87E9_7ED68B8E964A",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Audit Other Logon/Logoff Events\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36322-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3872d203_c556_4001_b2f6_b6ee0bd926c4",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Logon-Logoff: Special Logon",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36266-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB719B8F52_C6B3_4EB5_8789_C073EC439547",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Audit Removable Storage\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37617-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB101eaf81_3dd3_4867_8871_f649131a06a9",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Policy Change: Audit Policy Change\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38028-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBaa0ca1a0_d22f_4f98_9084_7de0dc6e05da",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Policy Change: Authentication Policy Change",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38327-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB389F58D6_916E_4F26_B01D_51B627FA34F6",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Audit Authorization Policy Change\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36320-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8d0d6832_fdb5_46f1_b225_cf224ff8d3c9",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Privilege Use: Sensitive Privilege Use",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36267-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB107b8424_7ee8_4b6a_a859_b5256aa6596e",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: System: IPsec Driver",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37853-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB632ec8bb_afbc_4b95_ae0c_4c47955e25fb",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: System: Other System Events",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38030-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9381b3b7_5bde_4ecd_af97_a944766690db",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: System: Security State Change",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38114-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBbda94d3b_0526_494c_9e33_c6bd0d9a0ac8",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: System: Security System Extension",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36144-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2a94b2d5_fd25_45de_a576_8e5b7497262f",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: System: System Integrity",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37132-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB7267107_B915_4F01_BF24_3008A2FB2BD2",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Central Access Policy Staging",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00001-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB96C2C43D_BA94_453B_8A0D_4AD776467F3C",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Handle Manipulation",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00107-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE1C6815E_F5D7_4B02_808B_E7B4CD723B1F",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Kernel Object",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00110-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0FEE6FFF_0DA6_491F_A519_257212769E70",
                                                        "ShortTitle":  "Windows 2012R2 - Audit File System",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00103-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBDA149640_B820_4860_AE07_C1683AE4219D",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Detailed File Share",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00100-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8DA95FED_FC32_4B5A_A0A1_111EE5CEF329",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Filtering Platform Packet Drop",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00105-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCF8C2303_D2F4_42CB_931A_579A1B213ED7",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Non Sensitive Privilege Use",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00112-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2F507EF7_F0AB_4D2B_94A4_3D453A057FC2",
                                                        "ShortTitle":  "Windows 2012R2 - Audit MPSSVC Rule-Level Policy Change",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00111-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBEB73227F_324A_4403_9B28_F735A41C2F88",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Network Policy Server",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00096-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9FA48200_782B_4A59_AAF9_25432C87D880",
                                                        "ShortTitle":  "Windows 2012R2 - Audit File Share",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00102-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB35477D08_1D88_47D1_A58E_E3169A3D1571",
                                                        "ShortTitle":  "Windows 2012R2 - Audit IPsec Main Mode",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00003-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9AB39A13_A1EA_44BC_A621_2319CEB7A7D5",
                                                        "ShortTitle":  "Windows 2012R2 - Audit IPsec Quick Mode",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00109-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3DEB8042_FC14_4A18_8C89_8C6D26DE36EB",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Filtering Platform Policy Change",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00106-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB63C32FB7_AEF3_47F6_8650_3EFBAAB97241",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Filtering Platform Connection",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00104-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB42BD39CF_414B_4BAD_BB5F_9E19CB087B05",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Application Generated",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00099-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6290C84F_E8E2_4054_8B67_FB7C4EDDD031",
                                                        "ShortTitle":  "Windows 2012R2 - Audit IPsec Extended Mode",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00108-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8BB5CF59_8E3A_4AC0_8CA5_74D210189825",
                                                        "ShortTitle":  "Windows 2012R2 - Audit DPAPI Activity",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00101-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB44B2851D_735B_4778_8B50_C55ED20EB6C6",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Other Privilege Use Events",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00097-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7E4C3D9E_4CE8_4A97_A183_FB251B9D4E82",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Other Object Access Events",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00113-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0A787A28_6D42_4E52_9A2E_AE643E8E1952",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Other Account Logon Events",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00006-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB31DE200C_E409_465A_B3BB_93FCCE236632",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Detailed Tracking: Process Termination",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00007-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBA4CBB6FB_6DE5_45F9_B93B_561A3BE113E6",
                                                        "ShortTitle":  "Windows 2012R2 - Audit RPC Events",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00116-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC0F8CBD5_C6B0_4B8E_8CE7_E3EA94048E17",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Registry",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00115-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBA2E20646_0111_45DF_B2C7_C7CD6379DCDF",
                                                        "ShortTitle":  "Windows 2012R2 - Audit User/Device Claims",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00118-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB12F6D2F1_6700_468D_A9DD_F05E40A60C5B",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Policy: Logon-Logoff: IPsec Main Mode",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00008-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5B6CBC07_2F6B_4862_8173_B66946DB344A",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Other Policy Change Events",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00114-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBFA7E954B_F276_49FB_A617_A37D665ACEA1",
                                                        "ShortTitle":  "Windows 2012R2 - Audit Process Termination",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00009-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB606CFE32_3DC8_48BF_996C_63A6414E7171",
                                                        "ShortTitle":  "Windows 2012R2 - Audit SAM",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00117-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Win OS-12R2 - Registry Policy",
                                   "ControlCategoryOrder":  15,
                                   "CategoryId":  "AZ_CSBP_12R2_Registry_Policy",
                                   "Total":  120,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  120,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VB6AA4E469_FD45_481D_A3AF_00A4B9A536A4",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Allow Basic authentication\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36254-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBF88E03AB_05B5_4C71_8FBC_1864FD71BD9C",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Do not allow passwords to be saved\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36223-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5983527c_f84a_4a69_bdaf_21cdceff37d9",
                                                        "ShortTitle":  "Windows 2012R2 - Network access: Do not allow anonymous enumeration of SAM accounts",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36316-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB63006b09_c981_434c_b77d_07191efe3c87",
                                                        "ShortTitle":  "Windows 2012R2 - Network access: Do not allow anonymous enumeration of SAM accounts and shares",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36077-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB04D1AF14_F0C2_4DA7_9455_974C475BFF25",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Enable RPC Endpoint Mapper Client Authentication\u0027 is set to \u0027Enabled\u0027 (MS only)",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37346-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB75FF3178_FF44_448A_8DEC_A6FC1AA730AD",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027System: Specify the maximum log file size (KB)\u0027 is set to \u0027Enabled: 32,768 or greater\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36092-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6925A41B_589B_4C4D_B80F_E1381BB9C802",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Turn off app notifications on the lock screen\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-35893-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB385cc232_e49c_4ce1_bd8c_4c835968c46a",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Accounts: Limit local account use of blank passwords to console logon only\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37615-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2F1FA455_5810_42F2_8C5E_3DCB2B1ADB33",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37850-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBdbab07cc_682a_40c1_9c18_7706c068f45d",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Audit: Shut down system immediately if unable to log security audits\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-35907-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB93CC91F1_404E_4E0A_8AA5_E9ABB63E06E5",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Devices: Allowed to format and eject removable media\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37701-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB53f493fb_f11a_44e9_9adb_3069d66a9844",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Devices: Prevent users from installing printer drivers\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37942-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1c449a3c_20c5_40e6_9742_d90052f1f60c",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Interactive logon: Do not display last user name\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36056-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8d93d233_07e3_4ab5_881f_388844069274",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Interactive logon: Do not require CTRL+ALT+DEL\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37637-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0d4ab9c2_cbb8_491a_848f_75692b5c4054",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Microsoft network client: Digitally sign communications (always)\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36325-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB95ba349a_7f09_4f12_8b9b_1f92d85594ff",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Microsoft network client: Send unencrypted password to third-party SMB servers\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37863-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8C97FB2D_D5B0_4B11_81ED_ABC4F37C806B",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Microsoft network server: Idle time required before suspending session\u0027 is set to \u002715 or fewer minute(s), but not 0\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38046-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBbef8c442_25ca_4a30_8762_19e992c7a996",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Microsoft network server: Digitally sign communications (always)\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37864-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8094f554_990c_4422_8086_a5eaf8fa7073",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Microsoft network server: Digitally sign communications (if client agrees)\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-35988-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB92355bf7_0d7f_4263_99d3_333183dd22e5",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Microsoft network server: Disconnect clients when logon hours expire\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37972-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB307d7a86_7830_48da_81b4_455f77a76294",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Microsoft network client: Digitally sign communications (if server agrees)\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36269-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2C1BE313_1A3C_457E_B209_29B65A5C17D8",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Prevent enabling lock screen camera\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38347-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB35D6115D_2CD4_4C13_971D_842C6AC3EF9C",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Prevent enabling lock screen slide show\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38348-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4BCB111A_3464_4D65_B4EB_0EBC8D5BF17E",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Prohibit installation and configuration of Network Bridge on your DNS domain network\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38002-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2384C0CC_D299_4D78_BD3F_08795230C501",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Minimize the number of simultaneous connections to the Internet or a Windows Domain\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38338-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBF51852E5_CAA3_4E57_A0F3_02329F4562B9",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Boot-Start Driver Initialization Policy\u0027 is set to \u0027Enabled: Good, unknown and bad but critical\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37912-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBADC4B1FB_F348_4FC0_89E5_A80D353A723A",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Turn off downloading of print drivers over HTTP\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36625-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB753FAFEF_6E1C_4DBA_B1CC_7408C62D5604",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Do not display network selection UI\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38353-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB091E89CD_0809_4A41_BCB8_2C4174E6F45B",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Allow Microsoft accounts to be optional\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38354-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC1222666_B924_4A01_8AA5_8C364ED926FC",
                                                        "ShortTitle":  "Windows 2012R2 - Configure \u0027Network access: Remotely accessible registry paths\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37194-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB9659B7B_7335_4204_BAC9_94F7C6FE5481",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Always install with elevated privileges\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37490-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8DFCFA4C_CCDB_4DF9_95DC_2AF50201284E",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Allow unencrypted traffic\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38223-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7225EA00_0A1C_4BB1_90D5_1FACB155DE2F",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Allow user control over installs\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36400-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCDC51AA9_D320_47A0_9C8C_2569829BD3DC",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Always prompt for password upon connection\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37929-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB42639FCB_24FA_474D_B16B_B92F5FA9A21C",
                                                        "ShortTitle":  "Windows 2012R2 - Configure \u0027Network access: Remotely accessible registry paths and sub-paths\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36347-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBBD49BAEA_9235_475A_BB3A_9700995659E0",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Configure Solicited Remote Assistance\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37281-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB44494BC4_9176_409C_B703_FFA47E98A361",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Windows Firewall: Public: Settings: Apply local connection security rules\u0027 is set to \u0027No\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36268-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBFFB6D954_0C98_49A4_9928_26F6EBCABE3F",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Disallow Digest authentication\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38318-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7CA8541B_845F_4156_A64B_FEA831D74A39",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Security: Control Event Log behavior when the log file reaches its maximum size\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37145-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBEE1AB503_0876_47E0_B143_B0321546B2CF",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Windows Firewall: Private: Settings: Apply local firewall rules\u0027 is set to \u0027Yes (default)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37438-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB13F658ED_2CC8_464E_96C1_31670212510B",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Turn off heap termination on corruption\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36660-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8278ACCD_D921_4D51_B8A4_807EAAF5A17C",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Turn off Autoplay\u0027 is set to \u0027Enabled: All drives\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36875-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2CBCF585_BD00_4342_BAEC_121B23B78EA7",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Network Security: Allow PKU2U authentication requests to this computer to use online identities\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38047-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBAE99EA26_04BF_48C0_A2E2_7CA10B957351",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Turn off shell protocol protected mode\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36809-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB0010A88_673A_457F_829E_9238624211E9",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Network access: Shares that can be accessed anonymously\u0027 is set to \u0027None\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38095-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBDD652094_F2B5_4C0F_A2FE_D5428088A03E",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Do not display the password reveal button\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37534-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB65D86649_6346_4134_857B_D5A27A62A45F",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Network security: Allow Local System to use computer identity for NTLM\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38341-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBFEA4BF93_A49F_4B88_B645_5F0623EFB0AB",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Automatically send memory dumps for OS-generated error reports\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36978-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC22F696E_C858_42F5_8478_931349FD42F6",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Windows Firewall: Private: Firewall state\u0027 is set to \u0027On (recommended)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38239-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB793B7BDC_011F_479B_B211_3867A18395C0",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Configure Default consent\u0027 is set to \u0027Enabled: Send all data\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37112-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBFB12F9E4_403F_40E0_9696_5267FCA650A8",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027System: Control Event Log behavior when the log file reaches its maximum size\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36160-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB93BA9592_D603_43F1_BA00_72A74A60EE55",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Include command line in process creation events\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36925-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB31861944_1919_4A15_8530_07218335BA58",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Network Security: Configure encryption types allowed for Kerberos\u0027 is set to \u0027RC4_HMAC_MD5, AES128_HMAC_SHA1, AES256_HMAC_SHA1, Future encryption types\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37755-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5F832EBB_1B91_488F_B9A0_DB21131B1F6E",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Sign-in last interactive user automatically after a system-initiated restart\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36977-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC445E171_A6AF_45E2_BA3B_26542648C0A4",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Prevent downloading of enclosures\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37126-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1E6C5D3D_4FC3_49AF_9DAA_F851CE7CDDF5",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Set the default behavior for AutoRun\u0027 is set to \u0027Enabled: Do not execute any autorun commands\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38217-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5E007D8A_8DFA_4D0D_BD16_C1B41259E0B9",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Security: Specify the maximum log file size (KB)\u0027 is set to \u0027Enabled: 196,608 or greater\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37695-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBD1874B4C_FCAC_4DC7_B1E8_B5610D405117",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Turn on convenience PIN sign-in\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37528-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2CC098C4_ECC9_48C9_8F9D_FEF7C5FD4950",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Setup: Specify the maximum log file size (KB)\u0027 is set to \u0027Enabled: 32,768 or greater\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37526-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB91C161C0_E0A1_47DF_81B1_868801BF6701",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Set client connection encryption level\u0027 is set to \u0027Enabled: High Level\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36627-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBDB3FA38F_2B83_4AD0_BEDE_AEE716A7EB6C",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Setup: Control Event Log behavior when the log file reaches its maximum size\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38276-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC94DB68B_FA89_4D42_A99A_368AFF05D305",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Application: Control Event Log behavior when the log file reaches its maximum size\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37775-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB45DF82E2_57EE_4E98_B866_AC8D10401D73",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Enumerate administrator accounts on elevation\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36512-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB43D2D412_90CA_4274_BFD3_43FD3BF58EBD",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Application: Specify the maximum log file size (KB)\u0027 is set to \u0027Enabled: 32,768 or greater\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37948-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1F9A1EDC_FE2D_4152_8AD5_B66D857DBDDF",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Windows Firewall: Domain: Firewall state\u0027 is set to \u0027On (recommended)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36062-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB79D47849_0E5D_4380_B87C_FD78D79A6024",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Network security: LAN Manager authentication level\u0027 is set to \u0027Send NTLMv2 response only. Refuse LM \u0026 NTLM\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36173-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB67EA94A7_CA15_4BFB_BDF6_C571F3857344",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Require secure RPC communication\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37567-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB53C61C29_2BD8_44BC_AEEC_D86BCB2B6915",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Turn off Data Execution Prevention for Explorer\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37809-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2F45AA34_B5DB_4ADA_91DA_5FA5036D83B8",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Do not delete temp folders upon exit\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37946-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB57911EE5_3A92_427C_BA11_093489155140",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Disallow Autoplay for non-volume devices\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37636-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBBC9325AF_1F5F_4A2C_ABC3_CAA081F6AABC",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Windows Firewall: Public: Settings: Apply local firewall rules\u0027 is set to \u0027No\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37861-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6B54C203_88A6_47CE_84B5_D3FE5789258B",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Configure Offer Remote Assistance\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36388-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBBACD67F6_5508_4C8A_B1F6_B1FF2FAD7C81",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Windows Firewall: Public: Firewall state\u0027 is set to \u0027On (recommended)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37862-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB26D034D6_7B54_4393_89A2_DD55B00C605D",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Disallow WinRM from storing RunAs credentials\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36000-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBFA2D4CD2_719B_4FB7_9E00_628A33BA4608",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Do not use temporary folders per session\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38180-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd168a0da_385c_42ef_841a_4b2bdb347746",
                                                        "ShortTitle":  "Windows 2012R2 - Network access: Sharing and security model for local accounts",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37623-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBed1c0841_b58b_4179_8573_e5748aae66fa",
                                                        "ShortTitle":  "Windows 2012R2 - Network security: Minimum session security for NTLM SSP based (including secure RPC) clients",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37553-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa6b659e0_a942_408b_b72e_34900002ae49",
                                                        "ShortTitle":  "Windows 2012R2 - System objects: Require case insensitivity for non-Windows subsystems",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37885-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBda87147e_54c1_4fa4_8a88_8e48fbaf4e47",
                                                        "ShortTitle":  "Windows 2012R2 - Network access: Let Everyone permissions apply to anonymous users",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36148-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBee5328da_98d4_4ea6_8832_7827d5623334",
                                                        "ShortTitle":  "Windows 2012R2 - Network security: LDAP client signing requirements",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36858-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB72dd6b79_12f7_4255_bdf6_79a2095563c9",
                                                        "ShortTitle":  "Windows 2012R2 - Network access: Restrict anonymous access to Named Pipes and Shares",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36021-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB050cca7d_3bd4_4e04_a700_11e8a9787602",
                                                        "ShortTitle":  "Windows 2012R2 - User Account Control: Admin Approval Mode for the Built-in Administrator account",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36494-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8a92a3c6_30e1_46c3_9af0_d359f2d9811c",
                                                        "ShortTitle":  "Windows 2012R2 - \u0027Shutdown: Allow system to be shut down without having to log on\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36788-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3eb53013_936e_405d_9a95_401dd026ab0b",
                                                        "ShortTitle":  "Windows 2012R2 - Network security: Minimum session security for NTLM SSP based (including secure RPC) servers",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37835-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc09401f6_00f2_488d_ab5b_936c1b19206a",
                                                        "ShortTitle":  "Windows 2012R2 - Network security: Do not store LAN Manager hash value on next password change",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36326-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBcd4a65f0_735a_491e_91f1_992eac63b2e3",
                                                        "ShortTitle":  "Windows 2012R2 - System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37644-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB97ca378a_4ba3_4e4a_9dd7_fa3777102a1a",
                                                        "ShortTitle":  "Windows 2012R2 - Network security: Allow LocalSystem NULL session fallback",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37035-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc3ead565_6501_43c6_a8b6_f721d8a2bc30",
                                                        "ShortTitle":  "Windows 2012R2 - Windows Firewall: Public: Display a notification",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38043-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBe95dcf65_a945_4dea_a264_70f9111d2c63",
                                                        "ShortTitle":  "Windows 2012R2 - Windows Firewall: Public: Outbound connections",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37434-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc2c67b6f_5b67_4ad2_81a9_40ef68ed1f29",
                                                        "ShortTitle":  "Windows 2012R2 - User Account Control: Run all administrators in Admin Approval Mode",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36869-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB39a665ad_cde0_4e47_b9a1_6aab4b3bb8ae",
                                                        "ShortTitle":  "Windows 2012R2 - Windows Firewall: Domain: Display a notification",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38041-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBf4b16962_1063_4dad_ad43_815005345072",
                                                        "ShortTitle":  "Windows 2012R2 - User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37029-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc6128934_d4ff_4437_ad3b_ef56c40585b1",
                                                        "ShortTitle":  "Windows 2012R2 - Windows Firewall: Private: Display a notification",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37621-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6ea3a26d_9b8d_4fcc_b96a_f8e0379b2f35",
                                                        "ShortTitle":  "Windows 2012R2 - User Account Control: Behavior of the elevation prompt for standard users",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36864-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBf10e52c4_b6cb_478a_a0c2_4ab238e8be43",
                                                        "ShortTitle":  "Windows 2012R2 - User Account Control: Only elevate UIAccess applications that are installed in secure locations",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37057-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBaec71019_bad6_48e5_a371_c8b92fcf3f51",
                                                        "ShortTitle":  "Windows 2012R2 - User Account Control: Detect application installations and prompt for elevation",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36533-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB10213290_9da5_4802_a9ed_019b0e1aee6b",
                                                        "ShortTitle":  "Windows 2012R2 - User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36863-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1a433676_2364_48e2_81f5_c962ef31c7e2",
                                                        "ShortTitle":  "Windows 2012R2 - User Account Control: Virtualize file and registry write failures to per-user locations",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37064-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd8f63848_f2a4_43e3_9588_82121871536d",
                                                        "ShortTitle":  "Windows 2012R2 - User Account Control: Switch to the secure desktop when prompting for elevation",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36866-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB052284a8_7e89_4814_879c_7cfe253054ba",
                                                        "ShortTitle":  "Windows 2012R2 - Windows Firewall: Domain: Outbound connections",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36146-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb48391da_4d8e_4ade_8649_6623f2ee2a8c",
                                                        "ShortTitle":  "Windows 2012R2 - Windows Firewall: Private: Outbound connections",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38332-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE3BC8800_A9DD_4572_BF07_A85785AABB44",
                                                        "ShortTitle":  "Windows 2012R2 - Devices: Allow undock without having to log on",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00120-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0B731B81_6399_4095_8787_ED00EFF38765",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Enable Windows NTP Client\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37843-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd237466d_5be7_4c58_9ad6_3f5df639cadd",
                                                        "ShortTitle":  "Windows 2012R2 - Disable SMB v1 server",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00167-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB57FE7043_2D8D_4832_9706_0B4D9905E9CA",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Always use classic logon\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37348-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBD6B7D2F7_7C0B_4C79_963E_FA4D32801CB6",
                                                        "ShortTitle":  "Windows 2012R2 - Detect change from default RDP port",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00156-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB19904747_19DA_47A3_9968_FE36ADC01CE7",
                                                        "ShortTitle":  "Windows 2012R2 - Disable Windows Search Service",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00124-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7E174C9E_301F_41E3_AA5B_4320A565186E",
                                                        "ShortTitle":  "Windows 2012R2 - Require user authentication for remote connections by using Network Level Authentication",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00149-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB8210276_03A5_41E9_AF7D_609EC19EDD84",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Windows Firewall: Private: Settings: Apply local connection security rules\u0027 is set to \u0027Yes (default)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36063-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBF0C1628B_B04C_40BA_9C67_9BCB15D84DA4",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37163-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE65E3BA3_113E_4C0B_8C43_FBA9365753C9",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Windows Firewall: Domain: Settings: Apply local firewall rules\u0027 is set to \u0027Yes (default)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37860-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC40A4A49_F503_46F5_BBAD_1A2503FB3094",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Windows Firewall: Domain: Settings: Apply local connection security rules\u0027 is set to \u0027Yes (default)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38040-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9be3e136_3b43_4a91_8277_c854efb80327",
                                                        "ShortTitle":  "Windows 2012R2 - System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37172-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBf447923e_f8fb_4116_8aea_7caa4b911175",
                                                        "ShortTitle":  "Windows 2012R2 - Recovery console: Allow floppy copy and access to all drives and all folders",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37307-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB499A574_FE40_44C0_B9B6_46B401A461AE",
                                                        "ShortTitle":  "Windows 2012R2 - Specify the interval to check for definition updates",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00152-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB97A53C67_2A26_4D19_9B6A_33121B6A4524",
                                                        "ShortTitle":  "Windows 2012R2 - Windows Firewall: Private: Allow unicast response",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00089-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCF440C8C_62D7_467F_BEDC_4718B62840BF",
                                                        "ShortTitle":  "Windows 2012R2 - Windows Firewall: Domain: Allow unicast response",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00088-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8053B0F4_EB16_4349_86A7_172A600B13FB",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Prohibit use of Internet Connection Sharing on your DNS domain network\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00143-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBcd8e0aad_d3c3_4c71_a1aa_5726f6307b8e",
                                                        "ShortTitle":  "Windows 2012R2 - Shutdown: Clear virtual memory pagefile",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38335-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBA96CD574_9827_4742_BDD5_D91DED452896",
                                                        "ShortTitle":  "Windows 2012R2 - Windows Firewall: Public: Allow unicast response",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00090-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Win OS-12R2 - Security Policy",
                                   "ControlCategoryOrder":  16,
                                   "CategoryId":  "AZ_CSBP_12R2_Security_Policy",
                                   "Total":  43,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  43,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VB74283E76_1186_4DB5_AD12_3FCAA2AD0483",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Enforce password history\u0027 is set to \u002724 or more password(s)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37166-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBA899B7A1_455B_4051_A42A_41412628E2F4",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Maximum password age\u0027 is set to \u002770 or fewer days, but not 0\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37167-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5E6D9643_2CE4_4B01_9B09_1941C48D01B3",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Minimum password age\u0027 is set to \u00271 or more day(s)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37073-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0B1418B5_9EA6_4CEA_8D23_3DF8102AD040",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Minimum password length\u0027 is set to \u002714 or more character(s)\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36534-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC1151297_CF5F_4E1B_B9FC_23DB6791A0DD",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Password must meet complexity requirements\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37063-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBBDA6C3DE_4869_4203_8AE2_FD0F64D6166A",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Store passwords using reversible encryption\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36286-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa723aa73_7a8e_46b6_8624_d086b27772fc",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Access Credential Manager as a trusted caller\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37056-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB33f6db2d_3816_47e5_af11_f3e014bdaad6",
                                                        "ShortTitle":  "Windows 2012R2 - Configure \u0027Access this computer from the network\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-35818-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1eb18791_2d15_4e6a_9280_6cb868fc0162",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Act as part of the operating system\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36876-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBdd2d1504_9d49_4d16_8937_eb9e7d5f4a40",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Allow log on locally\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37659-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB31a81fcc_b81f_4c87_afe5_a6f422da365f",
                                                        "ShortTitle":  "Windows 2012R2 - Configure \u0027Allow log on through Remote Desktop Services\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37072-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB32b97116_c800_4107_a1b7_8e15253508a8",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Back up files and directories\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-35912-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB79ccc4e0_2306_4ac8_a492_7d36287c9adb",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Change the system time\u0027 is set to \u0027Administrators, LOCAL SERVICE\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37452-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6fb65585_1b82_40dd_8449_32f91ac7ef21",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Change the time zone\u0027 is set to \u0027Administrators, LOCAL SERVICE\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37700-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb02be7bd_d30f_4d9e_8df4_7a5b01a1364d",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Create a pagefile\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-35821-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBec508621_1384_40f9_8cee_defd90934808",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Create a token object\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36861-3-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa01142fd_5529_4f95_b55b_73d04adb9919",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Create global objects\u0027 is set to \u0027Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37453-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB15caeba9_6294_4223_8145_c57e523bbe3d",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Create permanent shared objects\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36532-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa7ff021c_f476_48af_82fc_9173919b6720",
                                                        "ShortTitle":  "Windows 2012R2 - Configure \u0027Create symbolic links\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-35823-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4c940ec2_5e0e_431b_906b_5c1b4a82c326",
                                                        "ShortTitle":  "Windows 2012R2 - Configure \u0027Deny access to this computer from the network\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37954-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB406f0e13_8709_4ac1_87aa_779f2a3e554b",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Deny log on as a batch job\u0027 to include \u0027Guests\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36923-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6c2c0627_54b0_4dc0_8077_be7f3ea838e8",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Deny log on as a service\u0027 to include \u0027Guests\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36877-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb179628e_7260_461e_9c1d_5638a78dac97",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Deny log on locally\u0027 to include \u0027Guests\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37146-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB49b31ab3_ba8d_44f7_92b1_850c105752d5",
                                                        "ShortTitle":  "Windows 2012R2 - Configure \u0027Deny log on through Remote Desktop Services\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36867-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3edf66ca_eef2_4a11_9b5f_0e9f66d0c485",
                                                        "ShortTitle":  "Windows 2012R2 - Configure \u0027Enable computer and user accounts to be trusted for delegation\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36860-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBcc36c1ba_77d8_4317_9a52_c57862f9bee1",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Force shutdown from a remote system\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37877-8-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc0178641_dfd3_4937_b32a_a661f4b3b36a",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Generate security audits\u0027 is set to \u0027LOCAL SERVICE, NETWORK SERVICE\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37639-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB22e60f42_b881_41a9_a773_1dd57677d07c",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Increase scheduling priority\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38326-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBf1bd228c_0d50_4f76_9b3e_a18536d56a29",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Load and unload device drivers\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36318-4-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc7282bdc_e040_4e22_bb4a_f5977d8f59f8",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Lock pages in memory\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36495-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0f5f6960_8122_47cb_a1f5_b1d174d4b8d7",
                                                        "ShortTitle":  "Windows 2012R2 - Configure \u0027Manage auditing and security log\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-35906-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1dc534a7_f6c1_4977_bd74_037e6b5159bf",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Modify an object label\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36054-5-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB49a2d248_907e_41dc_9f09_e91f60069c12",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Modify firmware environment values\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38113-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBdadaf9fd_114b_47b1_abc4_b95a8fc62426",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Perform volume maintenance tasks\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36143-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb239649c_499c_479a_b1a1_29ca9dc66fb1",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Profile single process\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37131-0-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBfcfd01ef_29c0_470c_8669_131f6f3347f6",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Replace a process level token\u0027 is set to \u0027LOCAL SERVICE, NETWORK SERVICE\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37430-6-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB048dd516_4793_44e1_8e5d_444a54113628",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Restore files and directories\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37613-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2c6609e1_4393_43b1_a77c_7a6dd15ccf94",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Shut down the system\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38328-1-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa0c45b19_b0e3_4a8a_801e_f0c0ee992d12",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Take ownership of files or other objects\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-38325-7-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB08F85AEB_EB3F_406B_8940_4A4452C1F611",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Accounts: Guest account status\u0027 is set to \u0027Disabled\u0027 (MS only)",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-37432-2-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB3EF11E5_DAD3_4458_8FC7_981E0248D0BA",
                                                        "ShortTitle":  "Windows 2012R2 - Ensure \u0027Profile system performance\u0027 is set to \u0027Administrators, NT SERVICE-WdiServiceHost\u0027",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "CCE-36052-9-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBA2E4ED9D_57C4_4442_8BBA_CAFC24BC9AED",
                                                        "ShortTitle":  "Windows 2012R2 - Increase a process working set",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00147-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB946EFF01_C30B_44CB_A379_861F2700A644",
                                                        "ShortTitle":  "Windows 2012R2 - Bypass traverse checking",
                                                        "ServiceName":  "VMBaseline12",
                                                        "ComplianceNumber":  "AZ-WIN-00119-12R2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Win OS-16 - Audit Policy",
                                   "ControlCategoryOrder":  17,
                                   "CategoryId":  "AZ_CSBP_Win_OS_16_Audit_Policy",
                                   "Total":  50,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  50,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBcdad2863_96de_407f_8f8c_6e0c6dd8b86c",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Application Group Management\u0027 is set",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38329-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB42DB0BEC_E47F_49F6_A0AF_59798F0FEEFE",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Authentication Policy Change\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38327-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBe1174067_f117_4d7f_9584_fd93eedd566f",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Logoff\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38237-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB761F9127_3D19_44AF_87A2_09B10B21ECF2",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Security State Change\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38114-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5b5ac074_b108_4acf_aeca_5baabc276538",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Logon\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38036-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB515db7da_c244_445b_b093_cf3c09ad8970",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Security Group Management\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38034-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBD5DB6E13_EEF5_45AC_A8F3_18A0B1FCD8F9",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Policy Change\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38028-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7e4d9fe1_eb3f_49ac_bb5b_d417df7e6d6c",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit User Account Management\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37856-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBABCD36E4_F842_47E5_B35F_317BB5D1B7D2",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit IPsec Driver\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37853-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE0E08E42_ACB2_4E80_9EE8_31A98BC4CC4B",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Other System Events\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38030-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBFA518C7B_96BC_45E6_8FEE_2C99186A010D",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Other Logon/Logoff Events\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36322-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb88b1d85_5f3c_4235_91ab_6d8b5e767311",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Removable Storage\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37617-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4f8fd732_facf_4184_a29c_61fdd40db89d",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Credential Validation\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37741-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8042F614_F21E_4DCA_BA3F_C8B25523B6B2",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Security System Extension\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36144-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB103DE8E8_643E_4B0E_B4A4_A85830239A53",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Account Lockout\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37133-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7654F822_F345_4FD2_B03F_74F21140C125",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Authorization Policy Change\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36320-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBD5056B06_4651_4698_B5D2_83E6B092E471",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit System Integrity\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37132-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8ee0776b_3b84_47bf_9594_e14e29fcc8ff",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Special Logon\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36266-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBAA426F30_E6FF_4C6A_9D59_2EF82A504157",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Sensitive Privilege Use\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36267-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6b3dc518_61f4_4a47_920c_0411674596a0",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Process Creation\u0027 is set to \u0027Success and Failure\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36059-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB8ACDBFB_5274_4FBF_BA5C_B4F3EE94F715",
                                                        "ShortTitle":  "Windows 2016 - Audit IPsec Extended Mode",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00108",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3B5A2BDD_3648_4D82_8718_145C114A7F6D",
                                                        "ShortTitle":  "Windows 2016 - Audit Detailed File Share",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00100",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE171AD63_4865_4317_BD6A_6CF45369AF2C",
                                                        "ShortTitle":  "Windows 2016 - Audit Filtering Platform Packet Drop",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00105",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBF6C7CDD1_B504_4E9E_A272_1AA2F441DAA3",
                                                        "ShortTitle":  "Windows 2016 - Audit MPSSVC Rule-Level Policy Change",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00111",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9A6359AC_183C_473E_A127_D1B55194216E",
                                                        "ShortTitle":  "Windows 2016 - Audit Kernel Object",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00110",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB420FAE23_D36A_4DD4_8890_9F9F3F02A9F4",
                                                        "ShortTitle":  "Windows 2016 - Audit IPsec Main Mode",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00003",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9F0A2473_FB1D_4817_8DC6_7630A4558258",
                                                        "ShortTitle":  "Windows 2016 - Audit File Share",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00102",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBACD96120_83A4_44A9_9E62_127012287E49",
                                                        "ShortTitle":  "Windows 2016 - Audit Other Object Access Events",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00113",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1564E1B7_BE0B_47A3_A2C3_45B08256698F",
                                                        "ShortTitle":  "Windows 2016 - Audit IPsec Quick Mode",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00109",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBBE7635AC_BA24_4881_88B5_64DDD80A7B09",
                                                        "ShortTitle":  "Windows 2016 - Audit Filtering Platform Policy Change",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00106",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB2D63305_7449_4CA0_886F_F977677418FC",
                                                        "ShortTitle":  "Windows 2016 - Audit Handle Manipulation",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00107",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2D45B131_0F0C_4832_A7CF_410054D60461",
                                                        "ShortTitle":  "Windows 2016 - Audit Network Policy Server",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00096",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7C994DE3_FDAF_4F1D_AF2F_FDAD9F80A944",
                                                        "ShortTitle":  "Windows 2016 - Audit Central Access Policy Staging",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00001",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5C361060_C1FF_4ED7_8AFC_1D5E758DC04C",
                                                        "ShortTitle":  "Windows 2016 - Audit Other Account Logon Events",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00006",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB32308a39_87da_4a19_a068_43e94912b0be",
                                                        "ShortTitle":  "Windows 2016 - Audit Non Sensitive Privilege Use",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00183",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6CE310E7_E9EA_4928_B61F_B923C3206BC7",
                                                        "ShortTitle":  "Windows 2016 - Audit Filtering Platform Connection",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00104",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4353700B_E941_4969_A4A4_1EFA44FDAADE",
                                                        "ShortTitle":  "Windows 2016 - Audit Application Generated",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00099",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBBA932C89_C75F_4564_A374_FC0ACBCD4BA2",
                                                        "ShortTitle":  "Windows 2016 - Audit DPAPI Activity",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00101",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC446B61C_A62D_4940_8F42_349D2C211B0C",
                                                        "ShortTitle":  "Windows 2016 - Audit File System",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00103",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBD91D3873_B440_448F_9FDA_48B481A391CB",
                                                        "ShortTitle":  "Windows 2016 - Audit User/Device Claims",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00118",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9B211C19_050A_493B_80FD_404B126DF7EC",
                                                        "ShortTitle":  "Windows 2016 - Audit Policy: Detailed Tracking: Process Termination",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00007",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBA18E3A0D_1BF7_44DF_BC5D_BC03EAAC1107",
                                                        "ShortTitle":  "Windows 2016 - Audit Policy: Logon-Logoff: IPsec Main Mode",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00008",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBED806704_A9DA_4146_8E81_F019B0297175",
                                                        "ShortTitle":  "Windows 2016 - Audit Process Termination",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00009",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5046d960_670d_4fef_973a_cf242a97147e",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit PNP Activity\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00182",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9B38AC97_C556_479B_9E31_666830F91DB8",
                                                        "ShortTitle":  "Windows 2016 - Audit SAM",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00117",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB472FFD54_66E0_4859_9BDE_8E75613B1311",
                                                        "ShortTitle":  "Windows 2016 - Audit Registry",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00115",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBBABDA20B_1BC0_4204_9745_0CD584DCBB2B",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit Group Membership\u0027 is set to \u0027Success\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00026",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1E59C922_0A33_4532_94C6_539C4A2F1716",
                                                        "ShortTitle":  "Windows 2016 - Audit Other Policy Change Events",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00114",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBA92F655F_8961_4FEB_98AB_366084806DBB",
                                                        "ShortTitle":  "Windows 2016 - Audit Other Privilege Use Events",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00097",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB19ADA446_DD6B_435E_9BC4_5C7A1102D458",
                                                        "ShortTitle":  "Windows 2016 - Audit RPC Events",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00116",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Win OS-16 - Registry Policy",
                                   "ControlCategoryOrder":  18,
                                   "CategoryId":  "AZ_CSBP_Win_OS_16_Registry_Policy",
                                   "Total":  134,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  134,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBDE7AF76F_E469_4A4E_94FD_99F0CCCD54B6",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow Microsoft accounts to be optional\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38354-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1CE9D867_2A1F_4E0D_8EE9_BC3606F9302C",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Do not display network selection UI\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38353-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7AC80D3D_B488_4191_9BDC_6709B072CBE6",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Prevent enabling lock screen slide show\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38348-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE7D5034F_5652_4180_90C8_C49130ACB3C6",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network security: Allow Local System to use computer identity for NTLM\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38341-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8191B0F8_0855_491F_9DED_7260DC79AF3E",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Minimize the number of simultaneous connections to the Internet or a Windows Domain\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38338-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC98CFB4E_113F_4A25_A080_AB1F7D0F8F38",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Private: Outbound connections\u0027 is set to \u0027Allow (default)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38332-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB63F01650_F1CD_4996_A151_7A36BC2FEDF8",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Prevent enabling lock screen camera\u0027 is set to \u0027Enabled\u0027 ",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38347-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBef0eefbb_e845_47f3_af9a_3409296d3264",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Shut down the system\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38328-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB34edb7eb_697c_4be9_8830_5aa5b031372e",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Disallow Digest authentication\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38318-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB484c747f_1418_4c27_a944_c3b1e1690b33",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow indexing of encrypted files\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38277-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB31F0541C_879F_473D_BF6B_E0AEF89F0B45",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Setup: Control Event Log behavior when the log file reaches its maximum size\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38276-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC8E1851A_FB32_4197_A1C0_D9DA262D37F1",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Private: Firewall state\u0027 is set to \u0027On (recommended)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38239-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2785f384_9901_4c9d_8dca_8ff2b5068fde",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow unencrypted traffic\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38223-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7869DDEF_04AB_4CC5_90F2_5E6FD1540CBA",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Set the default behavior for AutoRun\u0027 is set to \u0027Enabled: Do not execute any autorun commands\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38217-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB832730A2_CC1F_4F77_BB8C_6315D210666F",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Do not use temporary folders per session\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38180-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBEE6B9D20_8C62_4F14_8719_A425E09244ED",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network access: Shares that can be accessed anonymously\u0027 is set to \u0027None\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38095-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4383c5e5_ea15_4e94_a170_fd61b3fda9f1",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Microsoft network server: Idle time required before suspending session\u0027 is set to \u002715 or fewer minute(s), but not 0\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38046-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBF34E3441_5977_432B_899B_119FC66E1B08",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Public: Settings: Display a notification\u0027 is set to \u0027Yes\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38043-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBD4CB5E92_F237_4F83_95FB_1DDE6BE6DB1B",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Domain: Settings: Display a notification\u0027 is set to \u0027No\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38041-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB357272d2_2018_455e_935c_8777473661dd",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Prohibit installation and configuration of Network Bridge on your DNS domain network\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38002-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB32899900_6b73_4cdd_906d_702e00bae698",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Microsoft network server: Disconnect clients when logon hours expire\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37972-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB28B43132_0B7F_4839_9116_8C33AC9EE424",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Do not delete temp folders upon exit\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37946-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5502808d_7049_4378_b9f7_038b70777483",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Devices: Prevent users from installing printer drivers\u0027is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37942-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBD9794F70_E03C_40E5_A812_D2878C0EB6D5",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Always prompt for password upon connection\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37929-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3C336CEE_A852_4673_82E9_C7E130AF7BC7",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Boot-Start Driver Initialization Policy\u0027 is set to \u0027Enabled: Good, unknown and bad but critical\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37912-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0be33574_5e6c_4cfe_8b84_18819338eb6e",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027System objects: Require case insensitivity for non-Windows subsystems\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37885-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB032b5976_1c4b_4c68_bc5d_0c65e35306b2",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Microsoft network server: Digitally sign communications (always)\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37864-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa14a2808_588b_4233_b342_9dc1cecf2b0a",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Microsoft network client: Send unencrypted password to third-party SMB servers",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37863-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5E33A15A_7DB0_4A1D_B771_DB3764F3A625",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Public: Firewall state\u0027 is set to \u0027On (recommended)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37862-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE82B54B4_EF4D_474C_B06E_036DD076CBEC",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Public: Settings: Apply local firewall rules\u0027 is set to \u0027No\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37861-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8ad78d25_6140_4899_9565_e053ce7d9a66",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network Security: Allow PKU2U authentication requests to this computer to use online identities\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38047-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0179CC92_EF40_40B9_9AAA_41AAF3F9F355",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37850-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb17eabc0_5d73_4861_acc8_d5b97bc53f12",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Configure Solicited Remote Assistance\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37281-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB979AE5A3_DBA6_47B1_9644_7E74ED6D7EAE",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network Security: Configure encryption types allowed for Kerberos\u0027 is set to \u0027RC4_HMAC_MD5, AES128_HMAC_SHA1, AES256_HMAC_SHA1, Future encryption types\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37755-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0b2803c7_33ac_4407_80f0_f09940bbe940",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network security: Allow LocalSystem NULL session fallback\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37035-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBDEC8589F_4E06_4A11_9C6C_2B1464F07075",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Application: Control Event Log behavior when the log file reaches its maximum size\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37775-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4ff2ed85_48d7_4e38_bdb8_6c7df3286882",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network security: LDAP client signing requirements\u0027 is set to \u0027Negotiate signing\u0027 or higher",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36858-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB41a8be7d_69bd_48f4_ae77_9568cf7b15d1",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Microsoft network client: Digitally sign communications (always)\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36325-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9e11215f_9b0b_4ca6_ad5b_d1a0c989af36",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Interactive logon: Do not display last user name\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36056-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1648F727_644B_4454_A472_B1A803342E8A",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Include command line in process creation events\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36925-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB420CF8AF_038E_4D06_89A4_AA8BFAEC0191",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Disallow Autoplay for non-volume devices\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37636-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBe6eab28a_1dc8_4fb5_b88b_4e10f239e67c",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Enumerate administrator accounts on elevation\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36512-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5FC2DC21_A630_45EE_A62D_5E3D87A45A84",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Disallow WinRM from storing RunAs credentials\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36000-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2a074d39_eee4_4bfe_b1e7_4132c033a762",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network security: Minimum session security for NTLM SSP based (including secure RPC) clients\u0027 is set to \u0027Require NTLMv2 session security, Require 128-bit encryption\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37553-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc2e85522_5e4f_4295_8111_5b2ab815af32",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Interactive logon: Do not require CTRL+ALT+DEL\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37637-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3715ec67_6cd4_49c0_8c82_27001a0e332b",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Accounts: Limit local account use of blank passwords to console logon only\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37615-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3e42b5fc_08b2_4a9a_ad80_dafe9033cbc3",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network access: Sharing and security model for local accounts\u0027 is set to \u0027Classic - local users authenticate as themselves\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37623-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB342046f5_c7d3_46b7_96db_7e4be82542d3",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Microsoft network client: Digitally sign communications (if server agrees)\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36269-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB116B0718_B9FB_4B6F_855D_05C6CA97369E",
                                                        "ShortTitle":  "Windows 2016 - Configure \u0027Network access: Remotely accessible registry paths\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37194-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1E3AE441_8BD6_4736_94AA_AC56A430131C",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Configure Windows SmartScreen\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-35859-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6ed9ad58_c9de_4a8b_9512_8fe5421ac8a7",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network security: Minimum session security for NTLM SSP based (including secure RPC) servers\u0027 is set to \u0027Require NTLMv2 session security, Require 128-bit encryption\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37835-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6907b165_e70a_4b88_b624_3e32a15c93b1",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Audit: Shut down system immediately if unable to log security audits\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-35907-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBabb1bcab_f4da_4a9c_be63_7564a0bca7b8",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow Basic authentication\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36254-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB21C5BCB7_432E_4EAA_A01A_0CDA8DB73E62",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Prevent downloading of enclosures\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37126-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB315CC7E3_7252_47CE_AF2F_9ABF243FAC16",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network security: LAN Manager authentication level\u0027 is set to \u0027Send NTLMv2 response only. Refuse LM \u0026 NTLM\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36173-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5d42c180_4350_49ec_9bb6_e51e1258022c",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow user control over installs\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36400-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBf55109a7_2248_4c55_a7b0_bebdcb9530d5",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network access: Restrict anonymous access to Named Pipes and Shares\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36021-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBBE3A95AF_EDC4_4252_A1C0_6C74F3B5B8A7",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Do not display the password reveal button\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37534-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7450d70c_391d_4932_be4a_3f3bfecc0eb5",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Configure Offer Remote Assistance\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36388-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB01F87552_0D92_477A_91F6_1BEB5B0C8B0E",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Devices: Allowed to format and eject removable media\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37701-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE261CE65_922A_4573_B2F4_EAF7633CD97C",
                                                        "ShortTitle":  "Windows 2016 - Configure \u0027Network access: Remotely accessible registry paths and sub-paths\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36347-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0979B47F_FBBF_46AD_8DEF_768256FA012A",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Do not allow passwords to be saved\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36223-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2eda113a_0fb7_446c_856a_83e010d36671",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Always install with elevated privileges\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37490-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9170cd13_5ab9_4c68_8904_a88756b36c6e",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network security: Do not store LAN Manager hash value on next password change\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36326-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb625a003_d015_436e_89fb_fb2dfe71ae0f",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Microsoft network server: Digitally sign communications (if client agrees)\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-35988-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB01D9A108_3379_4C5A_8236_1A724BCCCFF1",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Require secure RPC communication\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37567-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7B2C4A66_7E3A_421E_9E2B_CCB11762B20E",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn off downloading of print drivers over HTTP\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36625-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8656ED1C_72E2_4D49_811B_AAEC42521AE0",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027System: Control Event Log behavior when the log file reaches its maximum size\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36160-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB61f7469c_c76a_4265_b84f_d838adb06436",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027User Account Control: Virtualize file and registry write failures to per-user locations\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37064-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB93C677E7_E7C8_49C4_BB46_D40DAD88F17B",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Set client connection encryption level\u0027 is set to \u0027Enabled: High Level\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36627-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4A459B04_79C8_4FB3_9EA0_CF4B77EE58D7",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Domain: Firewall state\u0027 is set to \u0027On (recommended)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36062-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBC139DB2E_8DEA_418E_BF7C_372EC0278E31",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Security: Specify the maximum log file size (KB)\u0027 is set to \u0027Enabled: 196,608 or greater\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37695-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBD177F27B_8D9B_4BB1_A45C_5F3A11384D1F",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Private: Settings: Display a notification\u0027 is set to \u0027No\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37621-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb784a87e_4aa2_4f61_8b3f_38abff6dac22",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Sign-in last interactive user automatically after a system-initiated restart\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36977-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa76d6552_cd22_4a2c_adc1_50f8705cad17",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn off heap termination on corruption\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36660-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8db231ff_6c9a_46f8_84de_ebea4507ffe9",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37644-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3E20B64C_0356_4E95_BA4E_2EBD51E10BB9",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027System: Specify the maximum log file size (KB)\u0027 is set to \u0027Enabled: 32,768 or greater\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36092-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBBEA7AFF2_DB2D_4DB7_BF47_0E475DB398A3",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn off app notifications on the lock screen\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-35893-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb2538b69_4020_4d50_9f63_581b673a014c",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn off Data Execution Prevention for Explorer\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37809-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5BFB71C2_897F_4CCB_B7D5_7181B1F2527A",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Setup: Specify the maximum log file size (KB)\u0027 is set to \u0027Enabled: 32,768 or greater\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37526-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB68757CAC_7589_4ED9_A162_27E5926F2DEB",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Domain: Outbound connections\u0027 is set to \u0027Allow (default)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36146-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBfc8a4401_ff7a_4a6d_add4_758acce6b76c",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027UAC: Elevation prompt for administrators in Admin Approval Mode\u0027 is set to \u0027Prompt for consent on the secure desktop\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37029-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1B1DCDBF_D949_44DA_B942_0FC2EB225985",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Security: Control Event Log behavior when the log file reaches its maximum size\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37145-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB467c29d0_b1be_4113_937c_65583cedf2f0",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027UAC: Allow UIAccess applications to prompt for elevation without using the secure desktop\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36863-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBea132d56_9c29_4d2a_bc92_fc81f616e540",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027UAC: Behavior of the elevation prompt for standard users\u0027 is set to \u0027Automatically deny elevation requests\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36864-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1d099cbe_a327_42cd_9562_9896389c4263",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027User Account Control: Run all administrators in Admin Approval Mode\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36869-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB967531f7_69cd_4a38_a517_3ebf4e5284cd",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027User Account Control: Admin Approval Mode for the Built-in Administrator account\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36494-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB37e5e1d9_b9d2_454b_bf3f_124682309155",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn on convenience PIN sign-in\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37528-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB19a185ff_1009_4079_937a_dace5e3c2f50",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027User Account Control: Detect application installations and prompt for elevation\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36533-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBfa4d7c0b_987e_47f6_bf8b_f38f49e7c00b",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Shutdown: Allow system to be shut down without having to log on\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36788-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB21a9a771_ef63_419c_bee4_8619f19a77ff",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027User Account Control: Switch to the secure desktop when prompting for elevation\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36866-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB600ea254_773b_43b5_be89_ca8221e96279",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027User Account Control: Only elevate UIAccess applications that are installed in secure locations\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37057-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBD0F025AF_B24B_49AB_9B75_60F485ED5407",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn off Autoplay\u0027 is set to \u0027Enabled: All drives\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36875-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB94cc076f_0e88_4398_ac29_d0dc7170303f",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn off shell protocol protected mode\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36809-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB10A43735_527C_46F0_A95C_954A8F9594DC",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Public: Settings: Apply local connection security rules\u0027 is set to \u0027No\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36268-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB753E721C_BE46_47F4_9571_8509CA5C1E61",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Public: Outbound connections\u0027 is set to \u0027Allow (default)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37434-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE7E377D1_D6E0_4ACC_A073_75B3243A646E",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Application: Specify the maximum log file size(KB)\u0027 is set to \u0027Enabled: 32,768 or greater\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37948-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7983C8B6_CECA_4475_B58C_5B1D7745CDE3",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Enable RPC Endpoint Mapper Client Authentication\u0027 is set to \u0027Enabled\u0027 (MS only)",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37346-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9503a7be_372f_4591_9dcd_f7de48b7f7e8",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network access: Do not allow anonymous enumeration of SAM accounts\u0027 is set to \u0027Enabled\u0027 (MS only)",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36316-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB87822480_3af9_4cf1_b0d2_93ceb957b129",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network access: Do not allow anonymous enumeration of SAM accounts and shares\u0027 is set to \u0027Enabled\u0027 (MS only)",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36077-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCA4B8071_AE1B_4620_B3B0_3130A00C515C",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow search and Cortana to use location\u0027 is set to \u0027Disabled",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00133",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBf3117bf3_e54a_496a_9976_74b1caca3105",
                                                        "ShortTitle":  "Windows 2016 - Disable \u0027Configure local setting override for reporting to Microsoft MAPS\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00173",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa002b800_92a4_45cb_bbee_76c91739ddff",
                                                        "ShortTitle":  "Windows 2016 - Disable SMB v1 server",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00175",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB9D979AFA_A676_4077_9C6A_A84D87ABA850",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow Cortana above lock screen\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00130",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBE4C0C45F_6A72_4E66_B792_32A4EBF36F1C",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Network access: Restrict clients allowed to make remote calls to SAM\u0027 is set to \u0027Administrators: Remote Access: Allow\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00142",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB747E5DA4_09C3_4F52_A484_AAA9081A55F3",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow Cortana\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00131",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB11ca2201_2673_4f04_bad3_3265e1a53a5b",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow Input Personalization\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00168",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB596D3922_71A7_49CE_B34B_1F5E63FF03DA",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Do not show feedback notifications\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00140",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4b2ea54f_7c16_4490_8687_cc52c3135b7e",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Prohibit use of Internet Connection Sharing on your DNS domain network\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00172",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3270E2D2_C01D_49FE_BAF7_950FB5BBE642",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Enable Windows NTP Client\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37843-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB14afe28a_6199_49ff_9789_dabb89ed714e",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Allow Telemetry\u0027 is set to \u0027Enabled: 0 - Security [Enterprise Only]\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00169",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB09ed81b2_8dba_4009_84f9_dcfd6009ed0d",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Enable insecure guest logons\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00171",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB081da702_ce92_480f_aa68_af49bf5b94db",
                                                        "ShortTitle":  "Windows 2016 - Enable \u0027Scan removable drives\u0027 by setting DisableRemovableDriveScanning (REG_DWORD) to 0",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00177",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBe588914e_fbb8_4926_9ccf_8ea781b07610",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Continue experiences on this device\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00170",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB31F2F70A_685F_4E0A_96BA_CB0C0E83768B",
                                                        "ShortTitle":  "Windows 2016 - Enable \u0027Send file samples when further analysis is required\u0027 for \u0027Send Safe Samples\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00126",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa917e66c_e3e4_4a7b_8f72_e8163994aabc",
                                                        "ShortTitle":  "Windows 2016 - Enable \u0027Turn on behavior monitoring\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00178",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB843079e3_4803_4b52_8b36_c554c4623204",
                                                        "ShortTitle":  "Windows 2016 - Disable Windows Search Service",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00176",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCAC31D47_C8EA_440F_AF85_7697F483B21E",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Block user from showing account details on sign-in\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00138",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBF9C16B7A_4F7C_4947_A2BE_F47483DD2AC7",
                                                        "ShortTitle":  "Windows 2016 - Devices: Allow undock without having to log on",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00120",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBEA1BBC42_7C24_4CED_8EA7_7B16FF4763B5",
                                                        "ShortTitle":  "Windows 2016 - Detect change from default RDP port",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00156",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB75811FE_AC22_4171_9511_27FEC5177351",
                                                        "ShortTitle":  "Windows 2016 - Windows Firewall: Domain: Allow unicast response",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00088",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7470f80e_a3d3_4ca9_84e8_7a97a317b2e1",
                                                        "ShortTitle":  "Windows 2016 - Shutdown: Clear virtual memory pagefile",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00181",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5F2D95D3_8744_4029_85C9_0BA7EA191531",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Domain: Settings: Apply local firewall rules\u0027 is set to \u0027Yes (default)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37860-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBA636E099_8E2B_4653_A2BB_3689C151F9CC",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Private: Settings: Apply local firewall rules\u0027 is set to \u0027Yes (default)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37438-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBB72CC850_F180_4479_ABCE_2B72815AFEAD",
                                                        "ShortTitle":  "Windows 2016 - Windows Firewall: Public: Allow unicast response",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00090",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB94276972_D64D_43BC_AE92_8B609F2D114B",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn off multicast name resolution\u0027 is set to \u0027Enabled\u0027 (MS Only)",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00145",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4E4D02FA_8F06_4DD3_A443_CCE86DD8FB19",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn off Microsoft consumer experiences\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00144",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB28B5CFB6_7548_44F9_9F43_A542644FA1FD",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Private: Settings: Apply local connection security rules\u0027 is set to \u0027Yes (default)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36063-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBf930f193_62e5_42f8_95b7_3bcda57a2d77",
                                                        "ShortTitle":  "Windows 2016 - Recovery console: Allow floppy copy and access to all drives and all folders",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00180",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3DCF28A5_E199_4B78_8933_7828DFDE4B9D",
                                                        "ShortTitle":  "Windows 2016 - Windows Firewall: Private: Allow unicast response",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00089",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB88338D83_A4E2_421B_B3F3_DB6BD2C694A0",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Windows Firewall: Domain: Settings: Apply local connection security rules\u0027 is set to \u0027Yes (default)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38040-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0571E435_5C84_48BB_B1C9_6E7EAE13715A",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37163-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBA5A0D2D3_909D_4954_A083_4FB40FCDC181",
                                                        "ShortTitle":  "Windows 2016 - Require user authentication for remote connections by using Network Level Authentication",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00149",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2B36F636_E882_4B90_92C1_1F55F325053B",
                                                        "ShortTitle":  "Windows 2016 - System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00155",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Win OS-16 - Security Policy",
                                   "ControlCategoryOrder":  19,
                                   "CategoryId":  "AZ_CSBP_Win_OS_16_Security_Policy",
                                   "Total":  43,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  43,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VB98372fa4_c0dc_499a_a218_abc96fc04684",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Increase scheduling priority\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38326-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb8841a6a_97b1_485b_9f3c_e5ccef30d2e6",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Take ownership of files or other objects\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38325-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB910405d5_3ee9_427c_baf1_77c69c7c209d",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Modify firmware environment values\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-38113-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBfbe348fd_0402_4e31_8482_66ae9ae82ea2",
                                                        "ShortTitle":  "Windows 2016 - Configure \u0027Deny access to this computer from the network\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37954-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3531261f_1644_4d10_9242_8e35ef386a83",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Force shutdown from a remote system\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37877-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB051545A4_179E_4C04_9E9B_8F33821EF36F",
                                                        "ShortTitle":  "Windows 2016 - Configure \u0027Allow log on locally\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37659-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb7432fc2_51ba_4ddf_83dd_ca7f92e670c1",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Deny log on locally\u0027 is configured",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37146-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8ed0c2c5_af57_4434_9ae8_fe93bc39bfd0",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Change the time zone\u0027 is set to \u0027Administrators, LOCAL SERVICE\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37700-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB045634b9_61c9_414f_ad91_74dcfee9c076",
                                                        "ShortTitle":  "Windows 2016 - Configure \u0027Enable computer and user accounts to be trusted for delegation\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36860-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB50f4447d_0bdd_4e8c_ba06_2e0b22ec5d04",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Load and unload device drivers\u0027 is configured",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36318-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc0a4a0ed_1585_4857_8e2b_30b1bb48c6ea",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Create global objects\u0027 is set to \u0027Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37453-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3b993f8f_245d_4f4e_9e8b_f94cbc71c3f6",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Deny log on as a service\u0027 is configured",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36877-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3f2d92c2_5850_4f2d_b245_f5089aa975dd",
                                                        "ShortTitle":  "Windows 2016 - Configure \u0027Access this computer from the network\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-35818-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBbc9d4fef_9e33_48fc_bcbd_b53e60caf4a2",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Minimum password length\u0027 is set to \u002714 or more character(s)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36534-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBe97bdde4_ccec_42e6_a17f_7993cb03a0d6",
                                                        "ShortTitle":  "Windows 2016 - Configure \u0027Create symbolic links\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-35823-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB60e0c2c9_0b14_44fe_83d6_2b7095e06674",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Deny log on through Remote Desktop Services\u0027 is configured",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36867-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6e635d8c_3496_4c66_b734_c46ebccc5d38",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Lock pages in memory\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36495-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1baa8699_ca1c_466b_b17c_f8eab728b0ee",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Restore files and directories\u0027 is set to \u0027Administrators, Backup Operators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37613-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd3f866fb_8adf_4ec6_adc7_93bb9ebcccdd",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Create a token object\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36861-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB04251e82_4442_4923_ac77_992891a5042b",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Create a pagefile\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-35821-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBadb052b7_c17e_4b8c_86b8_d81b6a89af20",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Store passwords using reversible encryption\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36286-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB46e66c68_266e_4bdc_9ebe_4c5164c0acfe",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Generate security audits\u0027 is set to \u0027LOCAL SERVICE, NETWORK SERVICE\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37639-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB299d1595_5ab2_4ef5_b287_6477c0df5178",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Password must meet complexity requirements\u0027 is set to \u0027Enabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37063-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8b6f479f_13a9_40d1_a2d6_bd9c27d2b7dc",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Change the system time\u0027 is configured",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37452-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB506fa45a_f043_46b0_bca9_da87e2f2618b",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Perform volume maintenance tasks\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36143-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB49258884_b2f0_4a4e_b66a_6954bb8473bf",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Deny log on as a batch job\u0027 is configured",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36923-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB877cfb8a_1504_4641_9caf_405768ff91f4",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Back up files and directories\u0027 is configured",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-35912-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB574f0e8d_83ca_4a46_a6cd_8dd062ab32dd",
                                                        "ShortTitle":  "Windows 2016 - Configure \u0027Allow log on through Remote Desktop Services\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37072-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB45bdfbf8_155f_41f8_b9cf_72f1ba26c5be",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Minimum password age\u0027 is set to \u00271 or more day(s)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37073-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBaec3dc3b_3625_47ea_8e11_fef4b1be8adb",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Profile single process\u0027 is set to \u0027Administrators\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37131-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd43b43ec_abd0_4420_ba8c_d4e53b057205",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Maximum password age\u0027 is set to \u002770 or fewer days, but not 0\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37167-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB03766d3c_81c2_438e_8192_91787f2ae69a",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Create permanent shared objects\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36532-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBe61c2d81_389a_4e59_bf19_2a6db7a0dc0b",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Profile system performance\u0027 is set to \u0027Administrators, NT SERVICE\WdiServiceHost\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36052-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB08a4b141_c737_404e_8617_9830268e8bfa",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Replace a process level token\u0027 is set to \u0027LOCAL SERVICE, NETWORK SERVICE\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37430-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc7f8ee96_6b8e_47e8_80b1_2e0985edeafd",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Act as part of the operating system\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36876-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB131ecdaf_4a45_44ef_8d8e_eb7f4acf2fa6",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Access Credential Manager as a trusted caller\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37056-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB5d72b92f_e6b0_4898_b24a_49241c3a70a4",
                                                        "ShortTitle":  "Windows 2016 - Configure \u0027Manage auditing and security log\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-35906-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBdad8097d_db46_4df3_9839_a8504e60c878",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Enforce password history\u0027 is set to \u002724 or more password(s)\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37166-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB25c07385_c03d_4f61_b4d2_13852635abb7",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Modify an object label\u0027 is set to \u0027No One\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-36054-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd3d9ac7b_8bcc_42e8_8752_29902eda04dd",
                                                        "ShortTitle":  "Windows 2016 - Ensure \u0027Accounts: Guest account status\u0027 is set to \u0027Disabled\u0027",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "CCE-37432-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB3007D6C4_A091_4449_9D05_409319E65883",
                                                        "ShortTitle":  "Windows 2016 - Specify the interval to check for definition updates",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00152",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBa30f6d7d_f3dc_442c_8a1f_921123c6250c",
                                                        "ShortTitle":  "Windows 2016 - Bypass traverse checking",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00184",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB23d0f843_e7bf_40e9_82cb_6299b35e52ab",
                                                        "ShortTitle":  "Windows 2016 - Increase a process working set",
                                                        "ServiceName":  "VMBaseline16",
                                                        "ComplianceNumber":  "AZ-WIN-00185",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Ubuntu 18.04 - Initial Setup",
                                   "ControlCategoryOrder":  20,
                                   "CategoryId":  "AZ_CSBP_UbuntuLinux18_Initial_Setup",
                                   "Total":  5,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  5,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VB5c7537f2_b90b_44a4_89c9_4fca5fd79ef7",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure nodev option set on removable media partitions",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3522-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBcdc390c9_fb4a_47f6_90a7_4e1bd6d0e9e6",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure nosuid option set on removable media partitions",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4042-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7976cc38_fddb_4913_9295_4fcac2e641c3",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure noexec option set on removable media partitions ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4275-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB49c89437_d116_4d84_a91d_0dd59daafa0d",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure XD/NX support is enabled ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4172-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd790e942_efd3_42e6_a3a5_9eb1d651a588",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure address space layout randomization (ASLR) is enabled ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4146-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Ubuntu 18.04 - Services",
                                   "ControlCategoryOrder":  21,
                                   "CategoryId":  "AZ_CSBP_UbuntuLinux18_Services",
                                   "Total":  13,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  13,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VB1d9557b2_b58f_4f81_bde9_4f9b08a3b2f1",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure xinetd is not enabled ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4252-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBf57ef648_bdaa_45a3_9e3a_f4649c48896f",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure rsh server is not enabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3537-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0617b91c_2a28_42bd_b5b3_7562555b41ed",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure telnet server is not enabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3390-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBcb086aef_fec2_467f_a03b_627c00020926",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure tftp server is not enabled ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4273-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb0b6cf96_bd8a_40c5_b051_4615078a0bf0",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure IMAP and POP3 server is not enabled ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3847-1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc3bf78d8_43a0_4768_b790_c940621057b6",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure Avahi Server is not enabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4365-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB4854666c_061b_4945_8a25_19133b8d5c7d",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure CUPS is not enabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4425-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd56a6c3f_3ad9_4263_a38a_24b7ae4ea918",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure DHCP Server is not enabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4336-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb577b358_6ec9_4ed7_b0df_259e44713b16",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure LDAP server is not enabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3501-4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB361a6cb4_f761_426f_a9d0_9e82ec0b3285",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure DNS Server is not enabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3578-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7da0b32e_ced5_42eb_aa1e_6df90281e59c",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure NIS Client is not installed",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4348-9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb256491f_f804_4c44_bfa4_057dd2f44c30",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure rsh client is not installed ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4308-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB6c716f88_a252_4fe9_9c5c_ba9236a80beb",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure telnet client is not installed",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4330-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Ubuntu 18.04 - Network Configuration",
                                   "ControlCategoryOrder":  22,
                                   "CategoryId":  "AZ_CSBP_UbuntuLinux18_Network_Configuration",
                                   "Total":  8,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  8,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VB5971bbd2_1977_4652_bd85_a38a8f780052",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure IP forwarding is disabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3561-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBb659c9f6_a076_4886_9048_db10c349b9fe",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure source routed packets are not accepted ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4236-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBf5a5926d_9c64_41fa_8220_5bc0f8213550",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure broadcast ICMP requests are ignored",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3644-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB88acc143_2f76_4418_9aa9_d0d5f244ab5f",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure bogus ICMP responses are ignored",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4133-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc28d5519_6e3a_466f_8d8c_b351851dfc78",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure Reverse Path Filtering is enabled ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3840-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBdb6ca14e_26c5_48cd_a6b7_fc953861043c",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure TCP SYN Cookies is enabled ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4265-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd9ed5e76_2348_4409_94dd_c76352407fe8",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure RDS is disabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-14027-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8def2d0c_303a_4c0b_858c_319f80f7c814",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure wireless interfaces are disabled ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4276-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Ubuntu 18.04 - Logging and Auditing",
                                   "ControlCategoryOrder":  23,
                                   "CategoryId":  "AZ_CSBP_UbuntuLinux18_Logging_and_Auditing",
                                   "Total":  5,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  5,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VB27a8547e_ba91_4593_9360_d8e048e3c84e",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure rsyslog Service is enabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-17698-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBfcc86485_487a_4644_87a0_f29f1b1cd28b",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure rsyslog default file permissions configured",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-18095-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB1e9567e1_d96d_4f90_be1a_0809947e789c",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure remote rsyslog messages are only accepted on designated log hosts",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-17639-6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB8720959b_c356_4eaa_bb4f_720fb8006183",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure rsyslog or syslog-ng is installed",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-17742-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB2d2355e7_7b07_4c0e_a395_16499c27ae94",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure logrotate is configured ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4182-2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Ubuntu 18.04 - Access, Authentication and Authorization",
                                   "ControlCategoryOrder":  24,
                                   "CategoryId":  "AZ_CSBP_UbuntuLinux18_Access_Authentication_and_Authorization",
                                   "Total":  6,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  6,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VB80302f61_d760_4165_a92b_a789e579380f",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure cron daemon is enabled ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4324-0",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB0e665978_91f4_45af_bb7b_e4090b600c8d",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure SSH PermitUserEnvironment is disabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-14716-5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB35868e8c_97eb_4981_ab79_99b25101cc86",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure SSH Protocol is set to 2 ",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4325-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB43945588_1bdc_495c_bac8_6a71a62d30aa",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure SSH IgnoreRhosts is enabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4030-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB66511f6b_f690_43df_9654_642260699eec",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure SSH HostbasedAuthentication is disabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4370-3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBd50c3f39_264c_4cdc_b0ba_89de8a0f6828",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure SSH PermitEmptyPasswords is disabled",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3660-8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "Ubuntu 18.04 - System Maintenance",
                                   "ControlCategoryOrder":  25,
                                   "CategoryId":  "AZ_CSBP_UbuntuLinux18_System_Maintenance",
                                   "Total":  3,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  3,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBad534c97_1070_415c_9fc7_c92366d3fc30",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure permissions on /etc/passwd are configured",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3566-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBc41a47e9_1ba0_4e72_9f43_4659a4bfed63",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure permissions on /etc/group are configured",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-3967-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VB7de0f0e6_f97b_4e12_8f9e_c6538ca5a85b",
                                                        "ShortTitle":  "Ubuntu 18.04 - Ensure root is the only UID 0 account",
                                                        "ServiceName":  "VMBaselineUbuntuLinux18",
                                                        "ComplianceNumber":  "CCE-4009-7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "CentOS 7 - Network Configuration",
                                   "ControlCategoryOrder":  26,
                                   "CategoryId":  "AZ_CSBP_CentOS_Network_Configuration",
                                   "Total":  8,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  8,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBCentOS8def2d0c_303a_4c0b_858c_319f80f7c814",
                                                        "ShortTitle":  "CentOS 7 - Ensure wireless interfaces are disabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "3.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS5971bbd2_1977_4652_bd85_a38a8f780052",
                                                        "ShortTitle":  "CentOS 7 - Ensure IP forwarding is disabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "3.1.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSb659c9f6_a076_4886_9048_db10c349b9fe",
                                                        "ShortTitle":  "CentOS 7 - Ensure source routed packets are not accepted",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "3.2.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSf5a5926d_9c64_41fa_8220_5bc0f8213550",
                                                        "ShortTitle":  "CentOS 7 - Ensure broadcast ICMP requests are ignored",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "3.2.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS88acc143_2f76_4418_9aa9_d0d5f244ab5f",
                                                        "ShortTitle":  "CentOS 7 - Ensure bogus ICMP responses are ignored",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "3.2.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSc28d5519_6e3a_466f_8d8c_b351851dfc78",
                                                        "ShortTitle":  "CentOS 7 - Ensure Reverse Path Filtering is enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "3.2.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSdb6ca14e_26c5_48cd_a6b7_fc953861043c",
                                                        "ShortTitle":  "CentOS 7 - Ensure TCP SYN Cookies is enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "3.2.8",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSd9ed5e76_2348_4409_94dd_c76352407fe8",
                                                        "ShortTitle":  "CentOS 7 - Ensure RDS is disabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "3.5.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "CentOS 7 - Logging and Auditing",
                                   "ControlCategoryOrder":  27,
                                   "CategoryId":  "AZ_CSBP_CentOS_Logging_and_Auditing",
                                   "Total":  5,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  5,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBCentOS2d2355e7_7b07_4c0e_a395_16499c27ae94",
                                                        "ShortTitle":  "CentOS 7 - Ensure logrotate is configured",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "4.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS27a8547e_ba91_4593_9360_d8e048e3c84e",
                                                        "ShortTitle":  "CentOS 7 - Ensure rsyslog Service is enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "4.2.1.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSfcc86485_487a_4644_87a0_f29f1b1cd28b",
                                                        "ShortTitle":  "CentOS 7 - Ensure rsyslog default file permissions configured",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "4.2.1.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS1e9567e1_d96d_4f90_be1a_0809947e789c",
                                                        "ShortTitle":  "CentOS 7 - Ensure remote rsyslog messages are only accepted on designated log hosts.",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "4.2.1.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS8720959b_c356_4eaa_bb4f_720fb8006183",
                                                        "ShortTitle":  "CentOS 7 - Ensure rsyslog or syslog-ng is installed",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "4.2.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "VeryLow",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "CentOS 7 - Initial Setup",
                                   "ControlCategoryOrder":  28,
                                   "CategoryId":  "AZ_CSBP_CentOS_Initial_Setup",
                                   "Total":  5,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  5,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBCentOS5c7537f2_b90b_44a4_89c9_4fca5fd79ef7",
                                                        "ShortTitle":  "CentOS 7 - Ensure nodev option set on removable media partitions",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "1.1.18",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOScdc390c9_fb4a_47f6_90a7_4e1bd6d0e9e6",
                                                        "ShortTitle":  "CentOS 7 - Ensure nosuid option set on removable media partitions ",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "1.1.19",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS7976cc38_fddb_4913_9295_4fcac2e641c3",
                                                        "ShortTitle":  "CentOS 7 - Ensure noexec option set on removable media partitions",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "1.1.20",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS49c89437_d116_4d84_a91d_0dd59daafa0d",
                                                        "ShortTitle":  "CentOS 7 - Ensure XD/NX support is enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "1.5.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSd790e942_efd3_42e6_a3a5_9eb1d651a588",
                                                        "ShortTitle":  "CentOS 7 - Ensure address space layout randomization (ASLR) is enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "1.5.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Low",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "CentOS 7 - Services",
                                   "ControlCategoryOrder":  29,
                                   "CategoryId":  "AZ_CSBP_CentOS_Services",
                                   "Total":  7,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  7,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBCentOSf57ef648_bdaa_45a3_9e3a_f4649c48896f",
                                                        "ShortTitle":  "CentOS 7 - Ensure rsh server is not enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "2.2.17",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS0617b91c_2a28_42bd_b5b3_7562555b41ed",
                                                        "ShortTitle":  "CentOS 7 - Ensure telnet server is not enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "2.2.18",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSc3bf78d8_43a0_4768_b790_c940621057b6",
                                                        "ShortTitle":  "CentOS 7 - Ensure Avahi Server is not enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "2.2.3",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS4854666c_061b_4945_8a25_19133b8d5c7d",
                                                        "ShortTitle":  "CentOS 7 - Ensure CUPS is not enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "2.2.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSd56a6c3f_3ad9_4263_a38a_24b7ae4ea918",
                                                        "ShortTitle":  "CentOS 7 - Ensure DHCP Server is not enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "2.2.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSb256491f_f804_4c44_bfa4_057dd2f44c30",
                                                        "ShortTitle":  "CentOS 7 - Ensure rsh client is not installed",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "2.3.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS6c716f88_a252_4fe9_9c5c_ba9236a80beb",
                                                        "ShortTitle":  "CentOS 7 - Ensure telnet client is not installed",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "2.3.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "CentOS 7 - Access, Authentication and Authorization",
                                   "ControlCategoryOrder":  30,
                                   "CategoryId":  "AZ_CSBP_CentOS_Access_Authentication_and_Authorization",
                                   "Total":  6,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  6,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBCentOS80302f61_d760_4165_a92b_a789e579380f",
                                                        "ShortTitle":  "CentOS 7 - Ensure cron daemon is enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "5.1.1",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "High",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS0e665978_91f4_45af_bb7b_e4090b600c8d",
                                                        "ShortTitle":  "CentOS 7 - Ensure SSH PermitUserEnvironment is disabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "5.2.10",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS35868e8c_97eb_4981_ab79_99b25101cc86",
                                                        "ShortTitle":  "CentOS 7 - Ensure SSH Protocol is set to 2",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "5.2.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS43945588_1bdc_495c_bac8_6a71a62d30aa",
                                                        "ShortTitle":  "CentOS 7 - Ensure SSH IgnoreRhosts is enabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "5.2.6",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS66511f6b_f690_43df_9654_642260699eec",
                                                        "ShortTitle":  "CentOS 7 - Ensure SSH HostbasedAuthentication is disabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "5.2.7",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSd50c3f39_264c_4cdc_b0ba_89de8a0f6828",
                                                        "ShortTitle":  "CentOS 7 - Ensure SSH PermitEmptyPasswords is disabled",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "5.2.9",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               },
                               {
                                   "CategoryName":  "CentOS 7 - System Maintenance",
                                   "ControlCategoryOrder":  31,
                                   "CategoryId":  "AZ_CSBP_CentOS_System_Maintenance",
                                   "Total":  3,
                                   "Green":  0,
                                   "Red":  0,
                                   "Amber":  0,
                                   "Gray":  3,
                                   "CompliancePercent":  0.0,
                                   "Policies":  [
                                                    {
                                                        "PolicyId":  "VBCentOSad534c97_1070_415c_9fc7_c92366d3fc30",
                                                        "ShortTitle":  "CentOS 7 - Ensure permissions on /etc/passwd are configured",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "6.1.2",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOSc41a47e9_1ba0_4e72_9f43_4659a4bfed63",
                                                        "ShortTitle":  "CentOS 7 - Ensure permissions on /etc/group are configured",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "6.1.4",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    },
                                                    {
                                                        "PolicyId":  "VBCentOS7de0f0e6_f97b_4e12_8f9e_c6538ca5a85b",
                                                        "ShortTitle":  "CentOS 7 - Ensure root is the only UID 0 account",
                                                        "ServiceName":  "VMBaselineLinuxCentOS",
                                                        "ComplianceNumber":  "6.2.5",
                                                        "PassedResourceCount":  0,
                                                        "TotalResourceCount":  0,
                                                        "Compliance":  "Gray",
                                                        "Severity":  "Moderate",
                                                        "RiskProbability":  " ",
                                                        "RiskLevel":  ""
                                                    }
                                                ]
                               }
                           ],
    "Posture":  {
                    "Total":  879,
                    "Green":  56,
                    "Red":  158,
                    "Amber":  11,
                    "Gray":  654,
                    "CompliancePercent":  24.88889
                },
    "LastScannedDateEpochTime":  1577786114.0,
    "Title":  "Cloud Security Best Practices",
    "LastScannedDate":  "2019-12-31T09:55:14.0315058Z",
    "LongName":  null,
    "TimeToLive":  null
}

]

Appendix

Cloudneeti license and account details

Login to Cloudneeti portal as a License Admin.

LICENSE ID
  1. Navigate to Features and Quota​s under Configurations

  2. Copy License id and paste to notepad.

    License id

ACCOUNT ID
  1. Navigate to Cloud Accounts in Configurations

  2. Copy Cloud Account id and paste to notepad.

    Manage Accounts

Cloudneeti supported benchmarks

API is availabel to get supported benchmark, refer page Get supported benchmarks API

Cloud Account Type Cloudneeti supported benchmark
Azure AZFDCIS1_0_0, AZFDCIS1_1_0, PCI3_2, GDPR2016_679, HIPAA, FFIEC, NISTCSF1_1, NIST800_53Rev4, CSACCM3_0_1, ISO27001_2013, CSBP, UKNCSC, RBI2015_16_418, SOC2_AICPA_TSC_2017, GxP_Life_Science_21_CFR_PART_11, U_NNPI, AZMSWIN12R2CIS1_0_0, AZMSWIN16CIS1_0_0, AZMSWIN19, CIS1_0_0, AZLinux18CIS1_1_0, AZCentOSCIS2_2_0, AZKUBERNETES1_5_0, AZAKSEngineKUBERNETES1_5_0, AZAKSKUBERNETES1_5_0, CMMC
AWS AWSFDCIS1_2_0, CSBP, HIPAA, PCI3_2, GDPR2016_679, NIST800_53Rev4, ISO27001_2013, SOC2_AICPA_TSC_2017, NISTCSF1_1, FFIEC, GxP_Life_Science_21_CFR_PART_11, CSACCM3_0_1, RBI2015_16_418, U_NNPI, AWSRHEL7CIS1_1_0, AWSMSWIN16CIS1_0_0, AWSKUBERNETES1_5_0,AWSEKSKUBERNETES1_5_0
Office 365 CSBP, CSACCM3_0_1, M365CIS1_0_0, M365CIS1_1_0, PCI3_2, GDPR2016_679, HIPAA, FFIEC, NISTCSF1_1, NIST800_53Rev4, ISO27001_2013, UKNCSC, RBI2015_16_418, GxP_Life_Science_21_CFR_PART_11, U_NNPI