| 1.1.1.2 SNMPv3 traps should be configured - configuration | AUDIT AND ACCOUNTABILITY |
| 1.1.1.2 SNMPv3 traps should be configured - hip match | AUDIT AND ACCOUNTABILITY |
| 1.1.1.2 SNMPv3 traps should be configured - host | AUDIT AND ACCOUNTABILITY |
| 1.1.1.2 SNMPv3 traps should be configured - ip-tag | AUDIT AND ACCOUNTABILITY |
| 1.1.1.2 SNMPv3 traps should be configured - user-id | AUDIT AND ACCOUNTABILITY |
| 1.2.5 Ensure valid certificate is set for browser-based administrator interface - Authentication Profile | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.2.5 Ensure valid certificate is set for browser-based administrator interface - Certificate Profiles | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.2.5 Ensure valid certificate is set for browser-based administrator interface - Certificates | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 1.6.3 Ensure that the Certificate Securing Remote Access VPNs is Valid | CONFIGURATION MANAGEMENT |
| 2.1 Ensure that IP addresses are mapped to usernames - User ID Agents | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.1 Ensure that IP addresses are mapped to usernames - Zones | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2 Ensure that WMI probing is disabled | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 6.17 Ensure that a Zone Protection Profile with tuned Flood Protection settings enabled for all flood types is attached to all untrusted zones | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 7.1 Ensure application security policies exist when allowing traffic from an untrusted zone to a more trusted zone | ACCESS CONTROL, MEDIA PROTECTION |
| 8.3 Ensure that the Certificate used for Decryption is Trusted | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| CIS_Palo_Alto_Firewall_9_Benchmark_v1.1.0_L2.audit from CIS Palo Alto Firewall 9 Benchmark v1.1.0 | |
