| 1.2.3.4.3 Configure 'Customize Warning Messages' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL |
| 1.6.2 Ensure 'SSH version 2' is enabled | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.9 Management plane protection | CIS Cisco IOS XR 7.x v1.0.0 L2 | Cisco | ACCESS CONTROL |
| 2.0 Install & Config - 'Enable SSH' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.0 Install & Config - 'Enable SSHv2' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1.1 Ensure 'SECURE_CONTROL_<listener_name>' Is Set In 'listener.ora' | CIS Oracle Server 11g R2 Unix v2.2.0 | Unix | ACCESS CONTROL |
| 2.1.1 Ensure 'SECURE_CONTROL_<listener_name>' Is Set In 'listener.ora' | CIS Oracle Server 11g R2 Windows v2.2.0 | Windows | ACCESS CONTROL |
| 2.2.32 Ensure 'Deny log on through Remote Desktop Services' is set to 'Guests, Local account, Enterprise Admins Group, and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.4.5 Disable Remote Login | CIS Apple macOS 10.12 L1 v1.2.0 | Unix | ACCESS CONTROL |
| 2.4.5 Disable Remote Login | CIS Apple OSX 10.9 L1 v1.3.0 | Unix | ACCESS CONTROL |
| 2.4.5 Disable Remote Login | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 2.4.5 Disable Remote Login | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | ACCESS CONTROL |
| 2.4.5 Disable Remote Login | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | ACCESS CONTROL |
| 3.2 Ensure JDK Security Manager is Enabled | CIS IBM WebSphere Liberty v1.0.0 L2 | Unix | ACCESS CONTROL |
| 3.2.1.16 Ensure 'Allow adding VPN configurations' is set to 'Disabled' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.16 Ensure 'Allow adding VPN configurations' is set to 'Disabled' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | ACCESS CONTROL |
| 3.2.1.16 Ensure 'Allow adding VPN configurations' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.16 Ensure 'Allow adding VPN configurations' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | ACCESS CONTROL |
| 3.2.1.16 Ensure 'Allow adding VPN configurations' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | ACCESS CONTROL |
| 3.2.1.16 Ensure 'Allow adding VPN configurations' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.16 Ensure 'Allow adding VPN configurations' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL |
| 3.2.1.16 Ensure 'Allow adding VPN configurations' is set to 'Disabled' | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | ACCESS CONTROL |
| 6.1.9 Disable SSH root Login - Check if PermitRootLogin is set to no and not commented for the server. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.6 Disable root login for SSH | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.3.8 Disable SSH Root Login | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | ACCESS CONTROL |
| 18.9.59.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.9.59.3.9.4 Ensure 'Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Client - AllowBasic | MSCT Windows 10 v21H1 v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Service - AllowBasic | MSCT Windows 11 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Service - AllowBasic | MSCT Windows 11 v24H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Service - AllowBasic | MSCT Windows 10 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Service - AllowBasic | MSCT Windows 11 v23H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows 10 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows 10 v21H1 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows 10 v21H1 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows 11 v24H2 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows 11 v1.0.0 | Windows | ACCESS CONTROL |
| Brocade - Set SNMP security level to authentication and privacy | Tenable Best Practices Brocade FabricOS | Brocade | ACCESS CONTROL |
| Configure Solicited Remote Assistance - fAllowToGetHelp | MSCT Windows 11 v24H2 v1.0.0 | Windows | ACCESS CONTROL |
| Configure Solicited Remote Assistance - fAllowToGetHelp | MSCT Windows 11 v23H2 v1.0.0 | Windows | ACCESS CONTROL |
| Disallow Digest authentication | MSCT Windows 11 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
| FireEye - SNMP v3 users have passwords | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SNMP v3 uses AES instead of DES | TNS FireEye | FireEye | ACCESS CONTROL |
| Fortigate - Admin access - trusted hosts | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - HTTPS/SSH admin access strong ciphers | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 11 v24H2 v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 11 v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 10 v21H1 v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 10 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
