| 1.2.5 Ensure valid certificate is set for browser-based administrator interface - Authentication Profile | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.5 Ensure valid certificate is set for browser-based administrator interface - Certificate Profiles | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.5 Ensure valid certificate is set for browser-based administrator interface - Certificates | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Ensure that the certificate securing Remote Access VPNs is valid - Certificates | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Ensure that the certificate securing Remote Access VPNs is valid - GlobalProtect Gateways | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Ensure that the certificate securing Remote Access VPNs is valid - GlobalProtect Portals | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Ensure that IP addresses are mapped to usernames - User ID Agents | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.1 Ensure that IP addresses are mapped to usernames - Zones | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2 Ensure that WMI probing is disabled | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 6.17 Ensure that a Zone Prot Profile with tuned Flood Protection settings enabled | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zone | ACCESS CONTROL |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| CIS_Palo_Alto_Firewall_8_Benchmark_L2_v1.0.0.audit from CIS Palo Alto Firewall 8 Benchmark v1.0.0 | |
