| 1.2.1 Restrict Access to VTY Sessions | CIS Cisco NX-OS L1 v1.1.0 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MAINTENANCE, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.26 Ensure ldap_tls_cacert is set for LDAP - file | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 3.061 - Unencrypted remote access is permitted to system services. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 5.2.1 Minimize the admission of privileged containers | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 5.2.5 Minimize the admission of containers with allowPrivilegeEscalation | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 5.2.6 Minimize the admission of root containers | CIS RedHat OpenShift Container Platform v1.6.0 L2 | OpenShift | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.17 Ensure only strong MAC algorithms are used - MACs employing FIPS 140-2 approved cryptographic hash algorithms. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| Disabling the root shell login account | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| GEN003580 - The system must use initial TCP sequence numbers most resistant to sequence number guessing attacks. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003810 - The portmap or rpcbind service must not be running unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003820 - The rsh daemon must not be running. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003830 - The rlogind service must not be running. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003840 - The rexec daemon must not be running. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005260 - X Window System connections not required must be disabled. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005280 - The system must not have the UUCP service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005305 - The SNMP service must use only SNMPv3 or its successors. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005306 - SNMP service must require a FIPS 140-2 approved hash algorithm as part of its authentication and integrity methods | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005500 - The SSH daemon must be configured to only use the SSHv2 protocol. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005501 - The SSH client must be configured to only use the SSHv2 protocol. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005504 - The SSH daemon must only listen on management network addresses unless authorized for uses other than management. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005505 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005507 - SSH daemon must be configured to only use MACs employing FIPS 140-2 approved cryptographic hash algorithms | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005512 - The SSH client must only use MACs employing FIPS 140-2 approved cryptographic hash algorithms | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006040 - The system must not have any peer-to-peer file-sharing application installed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006060 - The system must not run Samba unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006080 - The Samba Web Administration Tool (SWAT) must be restricted to the local host or require SSL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006380 - The system must not use UDP for NIS/NIS+. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006400 - The Network Information System (NIS) protocol must not be used. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006460 - Any NIS+ server must be operating at security level 2. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009140 - The system must not have the chargen service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009160 - The system must not have the Calendar Manager Service Daemon (CMSD) service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009180 - The system must not have the tool-talk database server (ttdbserver) service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009190 - The system must not have the comsat service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009200 - The system must not have the daytime service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009210 - The system must not have the discard service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009220 - The system must not have the dtspc service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009230 - The system must not have the echo service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009240 - The system must not have Internet Message Access Protocol (IMAP) service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009250 - The system must not have the PostOffice Protocol (POP3) service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009260 - The system must not have the talk or ntalk services active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009270 - The system must not have the netstat service active on the inetd process. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009290 - The system must not have the systat service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009300 - The inetd time service must not be active on the system on the inetd daemon. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009320 - The system must not have the sprayd service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009330 - The system must not have the rstatd service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN009340 - Xserver login managers must not be running unless needed for X11 session management. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| Monterey - Disable SSH Server for Remote Access Sessions | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-251010 - RHEL 9 must have the firewalld package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| VCLD-70-000003 - VAMI must use cryptography to protect the integrity of remote sessions. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
