| 2.1.6 Ensure the latest firmware is installed | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.7 Disable USB Firmware and configuration installation | CONFIGURATION MANAGEMENT |
| 2.1.8 Disable static keys for TLS | CONFIGURATION MANAGEMENT |
| 2.1.9 Enable Global Strong Encryption | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.11 Ensure CDN is enabled for improved GUI performance | CONFIGURATION MANAGEMENT |
| 2.1.13 Ensure Hostname is Not Displayed On Login GUI | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.2 Allow only trusted hosts in SNMPv3 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.3 Disable SNMPv3 Query Per User | CONFIGURATION MANAGEMENT |
| 2.5.1 Ensure High Availability configuration is enabled | SYSTEM AND INFORMATION INTEGRITY |
| 2.5.4 Ensure High Availability Group-ID is configured | SYSTEM AND INFORMATION INTEGRITY |
| 3.1 Ensure that unused policies are reviewed regularly | CONFIGURATION MANAGEMENT |
| 4.1.1 Detect Botnet connections | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.1 Ensure Antivirus Definition Push Updates are Configured | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.2 Apply Antivirus Security Profile to Policies | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.3 Enable Outbreak Prevention Database | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.4 Enable AI /heuristic based malware detection | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.5 Enable grayware detection on antivirus | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.7 Enable CDR for proxy mode on XLSB, OpenOffice, and RTF files | SYSTEM AND INFORMATION INTEGRITY |
| 4.3.1 Enable Botnet C&C Domain Blocking DNS Filter | SYSTEM AND INFORMATION INTEGRITY |
| 4.5.2 Block applications running on non-default ports | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.1.1 Ensure Security Fabric is Configured | CONFIGURATION MANAGEMENT |
| 6.1.1 Apply a Trusted Signed Certificate for VPN Portal | ACCESS CONTROL |
| 6.1.2 Enable Limited TLS Versions for SSL VPN | ACCESS CONTROL |
| 7.1.1 Enable Event Logging | AUDIT AND ACCOUNTABILITY |
| 7.2.1 Centralized Logging and Reporting | AUDIT AND ACCOUNTABILITY |
