| 3.1 - Roles, Applications, and Authentication - Review authentication methods | |
| 3.1 - Roles, Applications, and Authentication - Review custom roles | ACCESS CONTROL |
| 3.1 - Roles, Applications, and Authentication - RSH is disabled | CONFIGURATION MANAGEMENT |
| 3.1 - Roles, Applications, and Authentication - Telnet is disabled | CONFIGURATION MANAGEMENT |
| 3.1 - Roles, Applications, and Authentication - Use of secure applications | |
| 3.2 - Default Accounts - Admin user has been renamed - create new admin | ACCESS CONTROL |
| 3.2 - Default Accounts - Admin user has been renamed - default admin disabled or deleted | |
| 3.2 - Default Accounts - Review default accounts | ACCESS CONTROL |
| 3.3 - Certificate-Based API Access | |
| 3.4 - Login and Password Parameters - Account expiration time | |
| 3.4 - Login and Password Parameters - Account inactivity time | |
| 3.4 - Login and Password Parameters - Account Maximum Failed Attempts <= 5 | |
| 3.4 - Login and Password Parameters - Delay after failed login <= 4 seconds | |
| 3.4 - Login and Password Parameters - Delay between password changes <= 1 | |
| 3.4 - Login and Password Parameters - Hash Algorithm SHA512 | |
| 3.4 - Login and Password Parameters - Lockout Duration <= 1 Day | |
| 3.4 - Login and Password Parameters - Password Alphanumeric = true | |
| 3.4 - Login and Password Parameters - Password Expiration Time <=90 days | IDENTIFICATION AND AUTHENTICATION |
| 3.4 - Login and Password Parameters - Password expiration warning | IDENTIFICATION AND AUTHENTICATION |
| 3.4 - Login and Password Parameters - Password minimum digits <= 1 | |
| 3.4 - Login and Password Parameters - Password Minimum Length >= 8 | |
| 3.4 - Login and Password Parameters - Password minimum lowercase <= 1 | |
| 3.4 - Login and Password Parameters - Password Minimum Special Characters >= 1 | |
| 3.4 - Login and Password Parameters - Password minimum uppercase <= 1 | |
| 3.4 - Login and Password Parameters - Password Require Initial Update = true | |
| 3.4 - Login and Password Parameters - Passwords Disallow Reuse >= 6 | IDENTIFICATION AND AUTHENTICATION |
| 3.4 - Login and Password Parameters - Username Alphanumeric = false | |
| 3.4 - Login and Password Parameters - Username Minimum Lenth >= 3 | |
| 4.1 - System Administration Methods - CLI Session Timeout | |
| 4.1 - System Administration Methods - Login Banner | ACCESS CONTROL |
| 4.1 - System Administration Methods - Message of the Day | ACCESS CONTROL |
| 5.1 - Storage Administrative System Auditing - Log Forwarding enabled | AUDIT AND ACCOUNTABILITY |
| 5.1 - Storage Administrative System Auditing - Log Forwarding protocol tcp-encrypted | AUDIT AND ACCOUNTABILITY |
| 5.2 - Storage Administrative System Auditing - Event Notifications | AUDIT AND ACCOUNTABILITY |
| 6 - Storage Encryption | |
| 7 - Data Replication Encryption | |
| 8 - Managing TLS and SSL - FIPS 140-2 Enabled | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8 - Managing TLS and SSL - SSLv3 disabled | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8 - Managing TLS and SSL - Supported Ciphers | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8 - Managing TLS and SSL - TLSv1 disabled | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10 - Online Certificate Status Protocol | |
| 11 - Managing SSHv2 - Ciphers | |
| 11 - Managing SSHv2 - Key Exchange Algorithms | |
| 11 - Managing SSHv2 - MAC Algorithms | |
| 11 - Managing SSHv2 - Max Authentication Retry Count | |
| 12 - AutoSupport - Enabled | |
| 12 - AutoSupport - Remove Private Data | SYSTEM AND INFORMATION INTEGRITY |
| 12 - AutoSupport - Transport type | |
| 13 - Network Time Protocol | AUDIT AND ACCOUNTABILITY |
| 14 - NAS File System Local Accounts - Use NTLM Authentication with CIFS Workgroups | |
