| 1.1.3.6.2 Set 'Interactive logon: Smart card removal behavior' to 'Lock Workstation' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.6.3 Configure Netflow on Strategic Ports | CIS Cisco NX-OS L2 v1.1.0 | Cisco | AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.3 Ensure a print server is not installed | CIS Amazon Linux 2023 Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.3 Ensure CUPS is not installed | CIS Debian 10 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.3 Ensure CUPS is not installed | CIS Ubuntu Linux 20.04 LTS Server L1 v2.0.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure CUPS is not enabled | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure CUPS is not enabled | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure CUPS is not enabled | CIS Ubuntu Linux 14.04 LTS Workstation L2 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure CUPS is not installed | CIS SUSE Linux Enterprise 12 v3.1.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure CUPS is not installed | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure CUPS is not installed | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure CUPS is not installed | CIS SUSE Linux Enterprise 15 Server L1 v1.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.20 Ensure 'Deny log on through Remote Desktop Services' to include 'Guests, Local account' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| ARST-L2-000020 - The Arista MLS layer 2 switch must uniquely identify all network-connected endpoint devices before establishing any connection. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | IDENTIFICATION AND AUTHENTICATION |
| ARST-L2-000130 - The Arista MLS layer 2 switch must have IGMP or MLD Snooping configured on all VLANs. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | CONFIGURATION MANAGEMENT |
| ARST-L2-000170 - The Arista MLS layer 2 switch must have all disabled switch ports assigned to an unused VLAN. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-L2-000200 - The Arista MLS layer 2 switch must not use the default VLAN for management traffic. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | CONTINGENCY PLANNING |
| ARST-L2-000230 - The Arista MLS layer 2 switch must not have any switch ports assigned to the native VLAN. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| Audit server does not support encryption | MSCT Windows 11 v24H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit server does not support signing | MSCT Windows 11 v24H2 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| check for correct radius server 2/2 | CIS Cisco IOS XR 7.x v1.0.0 L2 | Cisco | |
| check for correct TACACS+ server 2/2 | CIS Cisco IOS XR 7.x v1.0.0 L2 | Cisco | |
| CIS_MS_Windows_7_v3.2.0_Bitlocker.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Bitlocker v3.2.0 | Windows | |
| CIS_MS_Windows_7_v3.2.0_Level_1_Bitlocker.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | |
| CIS_MS_Windows_7_v3.2.0_Level_1.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | |
| CIS_MS_Windows_7_v3.2.0_Level_2_Bitlocker.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | |
| CIS_MS_Windows_7_v3.2.0_Level_2.audit from CIS Microsoft Windows 7 Workstation Benchmark v3.2.0 | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | |
| CIS_MS_Windows_8.1_v2.4.1_Level_1_Bitlocker.audit from CIS Microsoft Windows 8.1 Workstation Benchmark v2.4.1 | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | |
| CIS_MS_Windows_8.1_v2.4.1_Level_1.audit from CIS Microsoft Windows 8.1 Workstation Benchmark v2.4.1 | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | |
| CIS_MS_Windows_8.1_v2.4.1_Level_2_Bitlocker.audit from CIS Microsoft Windows 8.1 Workstation Benchmark v2.4.1 | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | |
| CIS_MS_Windows_8.1_v2.4.1_Level_2.audit from CIS Microsoft Windows 8.1 Workstation Benchmark v2.4.1 | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | |
| CISC-RT-000680 - The Cisco PE router providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN - VFI with the globally unique VPN ID assigned for each customer VLAN | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000680 - The Cisco PE switch providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| Enable insecure guest logons | MSCT Windows 11 v23H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Enable insecure guest logons | MSCT Windows Server 1903 MS v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Enable insecure guest logons | MSCT Windows Server 2019 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Enable insecure guest logons | MSCT Windows 10 1909 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Enable insecure guest logons | MSCT Windows 11 v24H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| JUEX-L2-000030 - The Juniper layer 2 switch must be configured to disable all dynamic VLAN registration protocols. | DISA Juniper EX Series Layer 2 Switch v2r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| Mandate the maximum version of SMB - LanmanWorkstation | MSCT Windows 11 v24H2 v1.0.0 | Windows | |
| Mandate the minimum version of SMB - LanmanWorkstation | MSCT Windows 11 v24H2 v1.0.0 | Windows | |
| Red Hat Enterprise Linux 6 Workstation is installed | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | |
| Red Hat Enterprise Linux 6 Workstation is installed | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | |
| WN10-CC-000040 - Insecure logons to an SMB server must be disabled. | DISA Windows 10 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000040 - Insecure logons to an SMB server must be disabled. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN16-CC-000080 - Insecure logons to an SMB server must be disabled. | DISA Windows Server 2016 STIG v2r9 | Windows | CONFIGURATION MANAGEMENT |
| WN19-CC-000070 - Windows Server 2019 insecure logons to an SMB server must be disabled. | DISA Windows Server 2019 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT |
| WN19-SO-000150 - Windows Server 2019 Smart Card removal option must be configured to Force Logoff or Lock Workstation. | DISA Windows Server 2019 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000070 - Windows Server 2022 insecure logons to an SMB server must be disabled. | DISA Windows Server 2022 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN22-SO-000150 - Windows Server 2022 Smart Card removal option must be configured to Force Logoff or Lock Workstation. | DISA Windows Server 2022 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
