Align CIS baseline with CIS macOS 26 Tahoe v1.1.0 (draft)

[tonyyo11]

This PR brings the mSCP Tahoe Branch up to date in preparation for The Center for Internet Security Benchmark for macOS Tahoe v1.1.0 pending release. https://workbench.cisecurity.org/benchmarks/24637

CHANGES:

• system_settings_hot_corners_secure: CIS 2.7.1 moved Level 2 -> Level 1; update benchmark ref and add cis_lvl1 tag; add rule to cis_lvl1 baseline
• audit_retention_configure: CIS 3.4 lower retention ODV from '60d OR 5G' to '30d'
• supplemental_cis_manual: track 5.3.1, 5.3.2, 5.3.3 as manual (CIS marks them Automated but provides no automatable remediation)
• system_settings_guest_access_smb_disable: CIS 2.13.2 update check to 'sysadminctl -smbGuestAccess status' matching 'SMB guest access disabled'; fix unchanged
• mscp-data: bump cis_lvl1/cis_lvl2 titles from v1.0.0 to v1.1.0