| 1.1.4 Set an Export Password | CIS HPE Aruba Networking CX Switch v1.0.1 L1 | ArubaOS | IDENTIFICATION AND AUTHENTICATION |
| 1.1.8 Session Management | CIS HPE Aruba Networking CX Switch v1.0.1 L1 | ArubaOS | ACCESS CONTROL |
| 1.1.8 Session Management | CIS HPE Aruba Networking CX Switch v1.0.1 Optional Security Recommendations | ArubaOS | ACCESS CONTROL |
| 1.2.5 Set 'access-class' for 'line vty' | CIS Cisco IOS 12 L1 v4.0.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.1 Enable logging | CIS Cisco IOS XR 7.x v1.0.1 L1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.1.1.1.2 Set the 'ip domain-name' | CIS Cisco IOS XE 17.x v2.2.1 L1 | Cisco | CONFIGURATION MANAGEMENT |
| 2.1.1.1.2 Set the 'ip domain-name' | CIS Cisco IOS XE 16.x v2.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT |
| 2.2.1 Set 'logging enable' | CIS Cisco IOS XE 17.x v2.2.1 L1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.2.1 Set 'logging enable' | CIS Cisco IOS XE 16.x v2.2.0 L1 | Cisco | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002057 - AIX audit logs must be rotated daily. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AMLS-L3-000100 - The Arista Multilayer Switch must enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy. | DISA STIG Arista MLS DCS-7000 Series RTR v1r4 | Arista | ACCESS CONTROL |
| AMLS-L3-000110 - The Arista Multilayer Switch must disable Protocol Independent Multicast (PIM) on all interfaces that are not required to support multicast routing. | DISA STIG Arista MLS DCS-7000 Series RTR v1r4 | Arista | ACCESS CONTROL |
| BIND-9X-001500 - A BIND 9.x server implementation must be operating on a Current-Stable version as defined by ISC. | DISA BIND 9.x STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| CISC-L2-000030 - The Cisco switch must authenticate all VLAN Trunk Protocol (VTP) messages with a hash function using the most secured cryptographic algorithm available. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-L2-000040 - The Cisco switch must manage excess bandwidth to limit the effects of packet-flooding types of denial-of-service (DoS) attacks. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000090 - The Cisco switch must have Root Guard enabled on all switch ports connecting to access layer switches. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000100 - The Cisco switch must have Bridge Protocol Data Unit (BPDU) Guard enabled on all user-facing or untrusted access switch ports. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000120 - The Cisco switch must have Unknown Unicast Flood Blocking (UUFB) enabled. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000130 - The Cisco switch must have DHCP snooping for all user VLANs to validate DHCP messages from untrusted sources. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000140 - The Cisco switch must have IP Source Guard enabled on all user-facing or untrusted access switch ports. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000160 - The Cisco switch must have Storm Control configured on all host-facing switchports. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-L2-000210 - The Cisco switch must have all disabled switch ports assigned to an unused VLAN. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000210 - The Cisco switch must have all disabled switch ports assigned to an unused VLAN. | DISA Cisco NX OS Switch L2S STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000240 - The Cisco switch must not use the default VLAN for management traffic. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | CONTINGENCY PLANNING |
| CISC-L2-000270 - The Cisco switch must not have any switchports assigned to the native VLAN. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000280 - The Cisco switch must produce audit records containing information to establish when (date and time) the events occurred. | DISA Cisco IOS XE Switch NDM STIG v3r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000380 - The Cisco switch must be configured to protect audit information from unauthorized modification. | DISA Cisco IOS XE Switch NDM STIG v3r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000720 - The Cisco switch must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA Cisco IOS XE Switch NDM STIG v3r6 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-001150 - The Cisco switch must be configured to authenticate Network Time Protocol (NTP) sources using authentication with FIPS-compliant algorithms. | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001470 - The Cisco switch must be running an IOS release that is currently supported by Cisco Systems. | DISA Cisco IOS XE Switch NDM STIG v3r6 | Cisco | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| CISC-RT-000010 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000120 - The Cisco switch must be configured to protect against or limit the effects of denial-of-service (DoS) attacks by employing control plane protection. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000170 - The Cisco switch must be configured to have Internet Control Message Protocol (ICMP) unreachable messages disabled on all external interfaces. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000200 - The Cisco switch must be configured to log all packets that have been dropped at interfaces via an ACL. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000240 - The Cisco perimeter switch must be configured to deny network traffic by default and allow network traffic by exception. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000250 - The Cisco perimeter switch must be configured to enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | ACCESS CONTROL |
| CISC-RT-000330 - The Cisco perimeter switch must be configured to filter ingress traffic at the external interface on an inbound direction. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000396 - The Cisco perimeter switch must be configured to drop IPv6 packets containing an extension header with the Endpoint Identification option. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000450 - The Cisco switch must be configured to only permit management traffic that ingresses and egresses the out-of-band management (OOBM) interface. | DISA Cisco IOS XE Switch RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000730 - The Cisco PE router must be configured to block any traffic that is destined to IP core infrastructure. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000730 - The Cisco PE router must be configured to block any traffic that is destined to IP core infrastructure. | DISA Cisco IOS XR Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000760 - The Cisco PE switch must be configured to enforce a Quality-of-Service (QoS) policy to provide preferred treatment for mission-critical applications. | DISA Cisco IOS Switch RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000790 - The Cisco multicast switch must be configured to disable Protocol Independent Multicast (PIM) on all interfaces that are not required to support multicast routing. | DISA Cisco IOS Switch RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| DISA STIG VMware vSphere ESXi 6 Security Technical Implementation Guide Version 1 Release 5 | DISA VMware vSphere ESXi 6.0 STIG v1r5 Unix | Unix | |
| DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Local_Client_v1r6.audit from DISA McAfee VSEL 1.9/2.0 Local Client v1r6 STIG | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | |
| DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Managed_Client_v1r5.audit from DISA McAfee VSEL 1.9/2.0 Managed Client v1r5 STIG | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | |
| DISA_STIG_Server_2012_and_2012_R2_DC_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Domain Controller v3r7 STIG | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | |
| DISA_STIG_Server_2012_and_2012_R2_MS_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Member Server v3r7 STIG | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | |
| DISA_STIG_VMware_vSphere_8.0_vCenter_Appliance_Photon_OS_4.0_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | |
| IISW-SI-000239 - The IIS 8.5 websites must utilize ports, protocols, and services according to PPSM guidelines. | DISA IIS 8.5 Site v2r9 | Windows | CONFIGURATION MANAGEMENT |
