| 3.2 Ensure JDK Security Manager is Enabled | ACCESS CONTROL |
| 4.2.1 Ensure 'trustDefaultCerts' is set to 'false' | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.10 Ensure mutual TLS authentication is enabled | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.13 Ensure that hardware crypto cards/modules (HSM) are used to store SSL/TLS certificates | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.14 Ensure SP800-131a recommendation is used for stronger cryptographic keys and more robust algorithms. | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.15 Ensure that the Federal Information Processing Standards (FIPS) are used for the cryptographic modules | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.2 Ensure that constrained delegation is configured for SPNEGO (Simple and Protected GSSAPI Negotiation Mechanism) | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3 Ensure 'safkeyringhw:' is set to use a hardware crypto card | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_IBM_WebSphere_Liberty_v1.0.0_L2.audit from CIS IBM WebSphere Liberty Benchmark v1.0.0 | |
