| 1.1.6 Set 'aaa accounting' to log all privileged use commands using 'commands 15' | AUDIT AND ACCOUNTABILITY |
| 1.1.7 Set 'aaa accounting connection' | ACCESS CONTROL |
| 1.1.8 Set 'aaa accounting exec' | AUDIT AND ACCOUNTABILITY |
| 1.1.9 Set 'aaa accounting network' | AUDIT AND ACCOUNTABILITY |
| 1.1.10 Set 'aaa accounting system' | AUDIT AND ACCOUNTABILITY |
| 1.5.9 Set 'priv' for each 'snmp-server group' using SNMPv3 | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.10 Require 'aes 128' as minimum for 'snmp-server user' when using SNMPv3 | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.8 Set 'login success/failure logging' | AUDIT AND ACCOUNTABILITY |
| 2.3.1.1 Set 'ntp authenticate' | AUDIT AND ACCOUNTABILITY |
| 2.3.1.2 Set 'ntp authentication-key' | AUDIT AND ACCOUNTABILITY |
| 2.3.1.3 Set the 'ntp trusted-key' | AUDIT AND ACCOUNTABILITY |
| 2.3.1.4 Set 'key' for each 'ntp server' | AUDIT AND ACCOUNTABILITY |
| 2.4.1 Create a single 'interface loopback' | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.2 Set AAA 'source-interface' | ACCESS CONTROL |
| 2.4.3 Set 'ntp source' to Loopback Interface | AUDIT AND ACCOUNTABILITY |
| 2.4.4 Set 'ip tftp source-interface' to the Loopback Interface | SYSTEM AND INFORMATION INTEGRITY |
| 3.1.2 Set 'no ip proxy-arp' | SYSTEM AND INFORMATION INTEGRITY |
| 3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks | SYSTEM AND INFORMATION INTEGRITY |
| 3.2.2 Set inbound 'ip access-group' on the External Interface | SYSTEM AND INFORMATION INTEGRITY |
| 3.3.1.1 Set 'key chain' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3.1.2 Set 'key' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3.1.3 Set 'key-string' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3.1.4 Set 'address-family ipv4 autonomous-system' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3.1.5 Set 'af-interface default' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3.1.6 Set 'authentication key-chain' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3.1.8 Set 'ip authentication key-chain eigrp' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3.1.9 Set 'ip authentication mode eigrp' | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3.2.1 Set 'authentication message-digest' for OSPF area | IDENTIFICATION AND AUTHENTICATION |
| 3.3.2.2 Set 'ip ospf message-digest-key md5' | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.3.1 Set 'neighbor password' | IDENTIFICATION AND AUTHENTICATION |
| CIS_Cisco_IOS_XE_17.x_v2.1.0_L2.audit from CIS Cisco IOS XE 17.x Benchmark v2.1.0 | |
