| 1.1.10 Set 'aaa accounting network' | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.1.11 Set 'aaa accounting system' | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 1.2.6 Set 'exec-timeout' to less than or equal to 10 minutes for 'line aux 0' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
| 1.2.9 Set 'exec-timeout' to less than or equal to 10 minutes 'line vty' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
| 1.5.2 Unset 'private' for 'snmp-server community' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.4 Do not set 'RW' for any 'snmp-server community' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.10.11 Ensure 'logging trap severity ' is greater than or equal to '5' | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.1.3 Set 'no ip bootp server' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.8 Set 'no service pad' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.1.4 Set 'key' for each 'ntp server' | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 3.1.4 Set 'ip verify unicast source reachable-via' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 127.0.0.0' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny 224.0.0.0' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1 Set 'ip access-list extended' to Forbid Private Source Addresses from External Networks - 'Deny internal networks' | CIS Cisco IOS 12 L2 v4.0.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.2 Set inbound 'ip access-group' on the External Interface | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.1.4 Set 'address-family ipv4 autonomous-system' | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.3.3 Set 'key-string' | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.117 - Users must be prevented from connecting using Terminal Services. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 5.124 - Client computers required to authenticate for RPC communication. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.135 - Hide mechanism for removing Zone information from file attachments. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.200 - Network - Mapper I/O Driver - ProhibitLLTDIOOnPrivateNet | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.201 - Network - Responder Driver - EnableRspndr | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.203 - Prohibit Network Bridge in Windows | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.207 - Network - Windows Connect Now Wizards | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.208 - Device Install - PnP Interface Remote Access | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.220 - Windows Movie Maker Codec Downloads | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.221 - Windows Movie Maker Web Links | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.223 - The classic logon screen must be required for user logons. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.224 - Power Mgmt - Password Wake on Battery | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.225 - Power Mgmt - Password Wake When Plugged In | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.240 - Windows Explorer - Shell Protocol Protected Mode | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.245 - Windows Mail - Communities | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| Ensure 'logging buffered severity ' is greater than or equal to '3' | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging to Serial console' is disabled | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging with timestamps' is enabled | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure 'RIP authentication' is enabled | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'syslog hosts' is configured correctly | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| SLES-12-010530 - The SUSE operating system file integrity tool must be configured to verify extended attributes. | DISA SLES 12 STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010680 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to prohibit the use of cached offline authentications after one day. | DISA SLES 12 STIG v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010690 - All SUSE operating system files and directories must have a valid owner. | DISA SLES 12 STIG v3r1 | Unix | ACCESS CONTROL |
| SLES-12-010760 - All SUSE operating system local initialization files must have mode 0740 or less permissive. | DISA SLES 12 STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-020090 - Audispd must off-load audit records onto a different system or media from the SUSE operating system being audited. | DISA SLES 12 STIG v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-010500 - The SUSE operating system must configure the Linux Pluggable Authentication Modules (PAM) to prohibit the use of cached offline authentications after one day. | DISA SLES 15 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020120 - The SUSE operating system must display the date and time of the last successful account logon upon an SSH logon. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL |
| SLES-15-020290 - The SUSE operating system must prevent the use of dictionary words for passwords. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040200 - A separate file system must be used for SUSE operating system user home directories (such as /home or an equivalent). | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040250 - The SUSE operating system SSH daemon private host key files must have mode 0640 or less permissive. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040260 - The SUSE operating system SSH daemon must perform strict mode checking of home directory configuration files. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| WINER-000006 - The system must be configured to prevent the display of error messages to the user. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WINER-000010 - The system must be configured to archive error reports. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
