| 3.1.1 Ensure packet redirect sending is disabled - net.ipv4.conf.default.send_redirects (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure packet redirect sending is disabled - sysctl net.ipv4.conf.all.send_redirects | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.all.accept_source_route | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.default.accept_source_route | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - net.ipv4.conf.all.accept_redirects (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - net.ipv6.conf.all.accept_redirects (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv4.conf.all.accept_redirects | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.default.secure_redirects' (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.9 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra' (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1 Ensure source routed packets are not accepted - net.ipv4.conf.default.accept_source_route (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1 Ensure source routed packets are not accepted - net.ipv6.conf.all.accept_source_route (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.2 Ensure ICMP redirects are not accepted - net.ipv6.conf.default.accept_redirects (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.3 Ensure secure ICMP redirects are not accepted - 'net.ipv4.conf.default.secure_redirects' (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.7 Ensure Reverse Path Filtering is enabled - 'sysctl net.ipv4.conf.default.rp_filter' | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.8 Ensure TCP SYN Cookies is enabled - sysctl exec | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.9 Ensure IPv6 router advertisements are not accepted - 'net.ipv6.conf.default.accept_ra' (sysctl.conf/sysctl.d) | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.9 Ensure IPv6 router advertisements are not accepted - 'sysctl net.ipv6.conf.all.accept_ra' | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (32-bit) | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl init_module/delete_module (64-bit) | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - auditctl insmod | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.16 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit) | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| Ensure bogus ICMP responses are ignored - /etc/sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure bogus ICMP responses are ignored - sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure broadcast ICMP requests are ignored - /etc/sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure ICMP redirects are not accepted - /etc/sysctl ipv4 all accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure ICMP redirects are not accepted - sysctl ipv4 all accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure ICMP redirects are not accepted - sysctl ipv4 default accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure IP forwarding is disabled - sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure IPv6 redirects are not accepted - /etc/sysctl ipv6 all accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure IPv6 redirects are not accepted - /etc/sysctl ipv6 default accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure IPv6 redirects are not accepted - sysctl ipv6 all accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure IPv6 redirects are not accepted - sysctl ipv6 default accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 all accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 default accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure IPv6 router advertisements are not accepted - sysctl ipv6 all accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure packet redirect sending is disabled - /etc/sysctl ipv4 default send | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure packet redirect sending is disabled - sysctl ipv4 all send | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure packet redirect sending is disabled - sysctl ipv4 default send | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure Reverse Path Filtering is enabled - /etc/sysctl ipv4 all rp_filter | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure Reverse Path Filtering is enabled - /etc/sysctl ipv4 default rp_filter | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure Reverse Path Filtering is enabled - sysctl ipv4 all rp_filter | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure Reverse Path Filtering is enabled - sysctl ipv4 default rp_filter | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure secure ICMP redirects are not accepted - /etc/sysctl ipv4 all secure | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure secure ICMP redirects are not accepted - /etc/sysctl ipv4 default secure | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure source routed packets are not accepted - /etc/sysctl ipv4 all acccept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure source routed packets are not accepted - sysctl ipv4 all acccept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure source routed packets are not accepted - sysctl ipv4 default accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure TCP SYN Cookies is enabled - /etc/sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Microsoft network server: Amount of idle time required before suspending session | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Microsoft network server: Amount of idle time required before suspending session | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
