1.8 (L2) Host integrated hardware management controller must secure authentication | ACCESS CONTROL |
1.9 (L2) Host hardware must enable AMD SEV-ES, if available | CONFIGURATION MANAGEMENT, MAINTENANCE |
1.10 (L2) Host hardware must enable Intel SGX, if available | CONFIGURATION MANAGEMENT, MAINTENANCE |
1.11 (L2) Host hardware must secure unused external hardware ports | CONFIGURATION MANAGEMENT |
1.12 (L2) Host integrated hardware management controller must deactivate internal networking | CONFIGURATION MANAGEMENT |
2.12 (L2) Host must enable volatile key destruction | CONFIGURATION MANAGEMENT, MAINTENANCE |
3.21 (L2) Host should enable strict lockdown mode | ACCESS CONTROL |
3.23 (L2) Host must deny shell access for the vpxuser account | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
5.5 (L2) Host should deactivate virtual hardware management network interfaces | CONFIGURATION MANAGEMENT |
7.4 (L1) Virtual machines should deactivate 3D graphics features when not required | CONFIGURATION MANAGEMENT |
7.14 (L2) Virtual machines must remove unnecessary CD/DVD devices | CONFIGURATION MANAGEMENT |
7.28 (L2) Virtual machines should have virtual machine hardware version 19 or newer | SYSTEM AND SERVICES ACQUISITION |
8.15 (L2) VMware Tools must deactivate Guest Operations unless required | CONFIGURATION MANAGEMENT |