The Level 1 profile is considered a base recommendation that can be implemented fairly promptly and is designed to not have an extensive performance impact. The intent of the Level 1 profile benchmark is to lower the attack surface of your organization while keeping machines usable and not hindering business functionality.
The Level 2 profile is considered to be “defense in depth” and is intended for environments where security is paramount. The recommendations associated with the Level 2 profile can have an adverse effect on your organization if not implemented appropriately or without due care.
Tenable Security Center: What do BL and NG mean that?
BL is for BitLocker audit
NG is for Microsoft Next Generation Windows Security audit
For example:
CIS Level 1 (L1) + BitLocker (BL)
CIS Level 1 (L1) + BitLocker (BL) + Next Generation Windows Security (NG)
Reference:
https://www.cisecurity.org/cis-benchmarks/cis-benchmarks-faq
