| 5.3.2 Ensure that all Namespaces have Network Policies defined | CIS Kubernetes v1.20 Benchmark v1.0.0 L2 Master | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.2 Ensure that all Namespaces have Network Policies defined | CIS Kubernetes Benchmark v1.5.1 L2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.97.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.97.2.4 Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.102.2.3 Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' - Enabled | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.88.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.88.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2019 v3.0.1 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.88.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.89.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.89.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v2.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.89.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v2.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.89.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v2.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.89.2.4 (L1) Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AMLS-L3-000160 - If BGP is enabled on Arista MLS, it must not be a BGP peer with a router from an AS belonging to any Alternate Gateway. | DISA STIG Arista MLS DCS-7000 Series RTR V1R2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| AMLS-L3-000160 - If Border Gateway Protocol (BGP) is enabled on The Arista Multilayer Switch, The Arista Multilayer Switch must not be a BGP peer with a router from an Autonomous System belonging to any Alternate Gateway. | DISA STIG Arista MLS DCS-7000 Series RTR v1r3 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| AMLS-L3-000180 - Arista MLS must enforce that IGP instances configured on the OOB management gateway only peer with their own routing domain | DISA STIG Arista MLS DCS-7000 Series RTR V1R2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| AMLS-L3-000180 - The Arista Multilayer Switch must enforce that Interior Gateway Protocol instances configured on the out-of-band management gateway router only peer with their own routing domain. | DISA STIG Arista MLS DCS-7000 Series RTR v1r3 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| AMLS-L3-000280 - Arista MLS must restrict BGP connections to known IP addresses of neighbor routers from trusted Autonomous Systems (AS). | DISA STIG Arista MLS DCS-7000 Series RTR V1R2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000590 - The Apache web server must be tuned to handle the operational requirements of the hosted application. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000590 - The Apache web server must be tuned to handle the operational requirements of the hosted application. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-002600 - Kubernetes API Server must configure timeouts to limit attack surface. | DISA STIG Kubernetes v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI5-VM-000011 - The system must disable VM-to-VM communication through VMCI | DISA STIG VMWare ESXi 5 Virtual Machine STIG v1r7 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0166 - AG Network IP addresses are advertised in enclave - 'BGP distribute lists prefix lists' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0166 - AG Network IP addresses are advertised in enclave - 'BGP distribute lists prefix lists' | DISA STIG Cisco Perimeter Router v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0166 - AG Network IP addresses are advertised in enclave - 'EIGRP distribute lists prefix lists' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0166 - AG Network IP addresses are advertised in enclave - 'EIGRP distribute lists prefix lists' | DISA STIG Cisco Perimeter Router v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0166 - AG Network IP addresses are advertised in enclave - 'OSPF distribute lists prefix lists' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0166 - AG Network IP addresses are advertised in enclave - 'OSPF distribute lists prefix lists' | DISA STIG Cisco Perimeter Router v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0166 - AG Network IP addresses are advertised in enclave - 'RIP distribute lists prefix lists' | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0166 - AG Network IP addresses are advertised in enclave - 'RIP distribute lists prefix lists' | DISA STIG Cisco Perimeter Router v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0986 - Routes from the two IGP domains are redistributed | DISA STIG Cisco Perimeter Router v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0986 - Routes from the two IGP domains are redistributed | DISA STIG Cisco Infrastructure Router v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0986 - Routes from the two IGP domains are redistributed | DISA STIG Cisco Infrastructure L3 Switch v8r29 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0986 - Routes from the two IGP domains are redistributed | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA070 IIS7 - A private web server must be located on a separate controlled access subnet. | DISA IIS 7.0 Web Server v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
