| 2.2.3 - Configuring SSH - server protocol - 'Protocol 2' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | |
| 18.9.5.7 (L1) Ensure 'Turn On Virtualization Based Security: Kernel-mode Hardware-enforced Stack Protection' is set to 'Enabled: Enabled in enforcement mode' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.7 (L1) Ensure 'Turn On Virtualization Based Security: Kernel-mode Hardware-enforced Stack Protection' is set to 'Enabled: Enabled in enforcement mode' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.7 (L1) Ensure 'Turn On Virtualization Based Security: Kernel-mode Hardware-enforced Stack Protection' is set to 'Enabled: Enabled in enforcement mode' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.7 (L1) Ensure 'Turn On Virtualization Based Security: Kernel-mode Hardware-enforced Stack Protection' is set to 'Enabled: Enabled in enforcement mode' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.28.2 (L2) Ensure 'Turn off account-based insights, recent, favorite, and recommended files in File Explorer' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L2 + BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.2 (L1) Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.2 (L1) Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.2 (L1) Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.2 (L1) Ensure 'Allow camera and microphone access in Microsoft Defender Application Guard' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 23.4 (L1) Ensure 'Credential Guard' is set to 'Enabled with UEFI lock' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| check for correct radius server 1/2 | CIS Cisco IOS XR 7.x v1.0.0 L2 | Cisco | |
| check for correct radius server 2/2 | CIS Cisco IOS XR 7.x v1.0.0 L2 | Cisco | |
| check for correct TACACS+ server 1/2 | CIS Cisco IOS XR 7.x v1.0.0 L2 | Cisco | |
| check for correct TACACS+ server 2/2 | CIS Cisco IOS XR 7.x v1.0.0 L2 | Cisco | |
| check for ntp server 2 | CIS Cisco IOS XR 7.x v1.0.0 L1 | Cisco | |
| check for server 2 in group | CIS Cisco IOS XR 7.x v1.0.0 L2 | Cisco | |
| check ntp server #2 set | CIS Fortigate 7.0.x v1.3.0 L1 | FortiGate | |
| DNS Profile - Address - DNS Server 2 | Tenable Cisco ACI | Cisco_ACI | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000081 - The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities. | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000223 The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities. | DISA VMware vSphere 8.0 ESXi STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| Huawei: Command Levels Not Changed | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Device clock disable DST adjustment | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Disable SNMP write access | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Disable Telnet on IPV6 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Enable AAA authentication | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: Enable SNMP Traps | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: Information Center is not disabled. | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: Insecure HTTP is not configured. | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Require Group for SNMPv3 Access | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Huawei: Review Device Info/Version | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Set appropriate 'login' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set appropriate 'shell' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set super password | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: Simple Password Authentication is not used. | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: SNMP appropriate trap host | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: SNMP Community string != private | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: SNMP Community string != public | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: SNMP is Configured | TNS Huawei VRP Best Practice Audit | Huawei | |
| Huawei: User Interfaces are Authenticated | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: User Interfaces Configured Inbound SSH | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: User Interfaces Idle Timeout Less Than 5 Minutes | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| ntp server 2 | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | |
| ntp server 2 | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | |
| Verify an external loghost is configured | TNS Huawei VRP Best Practice Audit | Huawei | |
| WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001290 - WebSphere Application Server must utilize FIPS 140-2-approved encryption modules when authenticating users and processes. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 W22 - A private web server must utilize an approved TLS version. - 'SSLEngine' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG340 W22 - A private web server must utilize an approved TLS version. - 'SSLProtocol' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
