diff --git a/cfg/cis-1.24/master.yaml b/cfg/cis-1.24/master.yaml
index a13333d..bd11d8b 100644
--- a/cfg/cis-1.24/master.yaml
+++ b/cfg/cis-1.24/master.yaml
@@ -9,18 +9,18 @@ groups:
 text: "Control Plane Node Configuration Files"
 checks:
 - id: 1.1.1
- text: "Ensure that the API server pod specification file permissions are set to 644 or more restrictive (Automated)"
+ text: "Ensure that the API server pod specification file permissions are set to 600 or more restrictive (Automated)"
 audit: "/bin/sh -c 'if test -e $apiserverconf; then stat -c permissions=%a $apiserverconf; fi'"
 tests:
 test_items:
 - flag: "permissions"
 compare:
 op: bitmask
- value: "644"
+ value: "600"
 remediation: |
 Run the below command (based on the file location on your system) on the control plane node.
- For example, chmod 644 $apiserverconf
+ For example, chmod 600 $apiserverconf
 scored: true
 - id: 1.1.2
diff --git a/cfg/cis-1.24/node.yaml b/cfg/cis-1.24/node.yaml
index f14817e..8acf653 100644
--- a/cfg/cis-1.24/node.yaml
+++ b/cfg/cis-1.24/node.yaml
@@ -350,8 +350,12 @@ groups:
 - flag: --event-qps
 path: '{.eventRecordQPS}'
 compare:
- op: eq
+ op: gte
 value: 0
+ - flag: --event-qps
+ path: '{.eventRecordQPS}'
+ set: false
+ bin_op: or
 remediation: |
 If using a Kubelet config file, edit the file to set `eventRecordQPS` to an appropriate level.
 If using command line arguments, edit the kubelet service file
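Review bot: Only check 1.1.1 is tightened from 644 to 600 in the master.yaml hunk, and the check list continues at `- id: 1.1.2` past the hunk's last line. If the sibling control-plane file-permission checks (not visible here) still carry `value: "644"`, the profile will hold the API server manifest to a stricter mask than the other manifests, so confirm they were reviewed against the same benchmark revision. Within the hunk the text, the `value` and the `chmod` example agree with each other. A short comment above the new value would record the intent, for example `# owner read/write only; any group or other permission bit fails the bitmask`.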
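Review bot: With `op: gte` against `value: 0` or-ed with a `set: false` item, the --event-qps check in node.yaml passes both when `eventRecordQPS` is absent and for every non-negative value. It can therefore no longer flag a setting that limits event capture, although the remediation text below still speaks of "an appropriate level". If that is the intent, state it in a comment above the first item, for example `# PASS when eventRecordQPS is unset or >= 0; whether the level is appropriate needs manual review`. Indentation is lost on this page, so confirm that `bin_op: or` sits beside `test_items:` under `tests:` and not inside the second item. The remediation block continues past the end of the hunk.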