| NET-IPV6-025 - IPv6 Site Local Unicast ADDR must not be defined | CONFIGURATION MANAGEMENT |
| NET-IPV6-033 - IPv6 routers are not configured with CEF enabled | CONFIGURATION MANAGEMENT |
| NET-IPV6-034 - IPv6 Egress Outbound Spoofing Filter - 'deny ipv6 any any log' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-IPV6-034 - IPv6 Egress Outbound Spoofing Filter - 'ipv6 verify unicast source reachable-via rx OUTBOUND_TO_BACKBONE' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-IPV6-059 - Maximum hop limit is less than 32 | CONFIGURATION MANAGEMENT |
| NET-IPV6-065 - The 6-to-4 router is not filtering protocol 41 - 'ip access-group IPV4_EGRESS_FILTER' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-IPV6-065 - The 6-to-4 router is not filtering protocol 41 - 'ip access-list IPV4_EGRESS_FILTER' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-IPV6-065 - The 6-to-4 router is not filtering protocol 41 - 'tunnel mode ipv6ip 6to4' | ACCESS CONTROL |
| NET-IPV6-066 - 6-to-4 router not filtering invalid source address - 'ipv6 traffic-filter IPV6_EGRESS_ACL in' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-IPV6-066 - 6-to-4 router not filtering invalid source address - 'permit ipv6 2002:V4ADDR::/48' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-MCAST-001 - PIM enabled on wrong interfaces -'interfaces enabled for PIM' | |
| NET-MCAST-001 - PIM enabled on wrong interfaces -'ip multicast-routing' | CONFIGURATION MANAGEMENT |
| NET-MCAST-001 - PIM enabled on wrong interfaces -'ipv6 multicast-routing' | CONFIGURATION MANAGEMENT |
| NET-MCAST-002 - PIM neighbor filter is not configured - 'ip access-list standard IP_PIM_NEIGHBORS_ACL' | |
| NET-MCAST-002 - PIM neighbor filter is not configured - 'ip pim neighbor-filter IP_PIM_NEIGHBORS_ACL' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-MCAST-002 - PIM neighbor filter is not configured - 'ipv6 access-list IPV6_PIM_NEIGHBORS_ACL' | |
| NET-MCAST-002 - PIM neighbor filter is not configured - 'ipv6 pim neighbor-filter list IPV6_PIM_NEIGHBORS_ACL' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-MCAST-010 - No Admin-local or Site-local boundary - 'ip multicast boundary' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-MCAST-010 - No Admin-local or Site-local boundary - 'ipv6 multicast boundary scope 5' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-MCAST-010 - No Admin-local or Site-local boundary - ip access-list standard - 'deny 239' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-MCAST-010 - No Admin-local or Site-local boundary - ip access-list standard - 'permit 224' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET-SRVFRM-003 - ACLs must restrict access to server VLANs | |
| NET-TUNL-012 - Tunnel Default Router Configured | |
| NET-TUNL-017 - ISATAP tunnels must terminate at interior router | |
| NET-TUNL-034 - L2TPv3 sessions are not authenticated - authentication check | CONFIGURATION MANAGEMENT |
| NET-TUNL-034 - L2TPv3 sessions are not authenticated - encapsulation check | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0230 - Network element is not password protected | IDENTIFICATION AND AUTHENTICATION |
| NET0240 - Devices exist with standard default passwords | |
| NET0340 - Network devices must display the DoD-approved logon banner warning. | ACCESS CONTROL |
| NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Interface Check - authentication key-chain)' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Interface Check - authentication mode)' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'EIGRP (Key-Chain Check)' | IDENTIFICATION AND AUTHENTICATION |
| NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Interface Check - isis authentication key-chain)' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Interface Check - isis authentication mode)' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Key-Chain Check)' | IDENTIFICATION AND AUTHENTICATION |
| NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Router Check - authentication key-chain)' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'IS-IS (Router Check - authentication mode)' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'OSPFv2 (Interface Check)' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'OSPFv2 (Router Check)' | IDENTIFICATION AND AUTHENTICATION |
| NET0400 - Interior routing protocols are not authenticated - 'RIPv2 (Interface Check - authentication key-chain)' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'RIPv2 (Interface Check - authentication mode)' | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0400 - Interior routing protocols are not authenticated - 'RIPv2 (Key-Chain Check)' | IDENTIFICATION AND AUTHENTICATION |
| NET0405 - A service or feature that calls home to the vendor must be disabled. | ACCESS CONTROL |
| NET0408 - BGP must authenticate all peers | IDENTIFICATION AND AUTHENTICATION |
| NET0422 - Keys expiration exceeds 180 days. | IDENTIFICATION AND AUTHENTICATION |
| NET0425 - An Infinite Lifetime key has not been implemented - 'Ensure rotating keys are not set to accept-lifetime infinite - Key 1' | IDENTIFICATION AND AUTHENTICATION |
| NET0425 - An Infinite Lifetime key has not been implemented - 'Ensure rotating keys are not set to accept-lifetime infinite - Key 2' | IDENTIFICATION AND AUTHENTICATION |
| NET0425 - An Infinite Lifetime key has not been implemented - 'Ensure rotating keys are not set to send-lifetime infinite - Key 1' | IDENTIFICATION AND AUTHENTICATION |
| NET0425 - An Infinite Lifetime key has not been implemented - 'Ensure rotating keys are not set to send-lifetime infinite - Key 2' | IDENTIFICATION AND AUTHENTICATION |
| NET0425 - An Infinite Lifetime key has not been implemented - 'Third key set to accept-lifetime infinite' | IDENTIFICATION AND AUTHENTICATION |
