| 4.2.1 Ensure IS-IS neighbor authentication is set to MD5 | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 4.2.3 Ensure authentication check is not suppressed | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 4.2.5 Ensure IS-IS Hello authentication check is not suppressed | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 4.2.6 Ensure PSNP authentication check is not set to suppressed | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 4.2.7 Ensure CSNP authentication check is not set to suppressed | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 4.5.2 Ensure RIP is set to check for zero values in reserved fields | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | CONFIGURATION MANAGEMENT |
| 4.10.31.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 4.10.31.1 (L1) Ensure 'Enable RPC Endpoint Mapper Client Authentication' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 6.11.2 Ensure Auxiliary Port is Set as Insecure If Used | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| APPNET0064 - .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance. | DISA Microsoft DotNet Framework 4.0 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| CISC-RT-000730 - The Cisco PE router must be configured to block any traffic that is destined to IP core infrastructure. | DISA Cisco IOS XR Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000730 - The Cisco PE router must be configured to block any traffic that is destined to IP core infrastructure. | DISA Cisco IOS Router RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000730 - The Cisco PE router must be configured to block any traffic that is destined to IP core infrastructure. | DISA Cisco IOS XE Router RTR STIG v3r5 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_F5_BIG-IP_AFM_v2r2.audit from DISA F5 BIG-IP Advanced Firewall Manager v2r2 STIG | DISA F5 BIG-IP Advanced Firewall Manager STIG v2r2 | F5 | |
| DISA_F5_BIG-IP_APM_v2r4.audit from DISA F5 BIG-IP Access Policy Manager v2r4 STIG | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | |
| DISA_F5_BIG-IP_ASM_v2r2.audit from DISA F5 BIG-IP Application Security Manager v2r2 STIG | DISA F5 BIG-IP Application Security Manager STIG v2r2 | F5 | |
| DISA_F5_BIG-IP_Device_Management_v2r4.audit from DISA F5 BIG-IP Device Management v2r4 STIG | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | |
| DISA_F5_BIG-IP_LTM_v2r4.audit from DISA F5 BIG-IP Local Traffic Manager v2r4 STIG | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | |
| DISA_STIG_Apache_Server-2.2_Windows_v1r13.audit from DISA APACHE 2.2 Server for Windows v1r13 STIG | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| DISA_STIG_Apache_Server-2.4_Windows_v3r3.audit from DISA Apache Server 2.4 Windows Server v3r3 STIG | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | |
| DISA_STIG_Apache_Site-2.2_Windows_v1r13.audit from DISA APACHE 2.2 Site for Windows v1r13 STIG | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| DISA_STIG_Apache_Site-2.4_Unix_v2r6.audit from DISA Apache Server 2.4 UNIX Site v2r6 STIG | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_DTR_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_UCP_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | |
| DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | |
| DISA_STIG_EDB_PostgreSQL_Advanced_Server_v11_Windows_v2r4_OS.audit from DISA EDB Postgres Advanced Server v11 on Windows v2r4 STIG | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | |
| DISA_STIG_Microsoft_Excel_2010_v1r11.audit for Microsoft Excel 2010, from DISA STIG Microsoft Excel 2010 v1r11 | DISA STIG Office 2010 Excel v1r11 | Windows | |
| DISA_STIG_Microsoft_Exchange_2013_Client_Access_Server_v2r2.audit from DISA Microsoft Exchange 2013 Client Access Server v2r2 STIG | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DISA_STIG_Microsoft_Project_2016_v1r1.audit for Microsoft Project 2016, from DISA STIG Microsoft Project 2016 v1r1 | DISA STIG Microsoft Project 2016 v1r1 | Windows | |
| DISA_STIG_Microsoft_Publisher_2016_v1r3.audit for Microsoft Publisher 2016, from DISA STIG Microsoft Publisher 2016 v1r3 | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | |
| DISA_STIG_Microsoft_Windows_2012_Server_DNS_v2r7.audit from DISA Microsoft Windows 2012 Server Domain Name System v2r7 STIG | DISA Microsoft Windows 2012 Server Domain Name System STIG v2r7 | Windows | |
| DISA_STIG_MongoDB_Enterprise_Advanced_3.x_OS_Linux_v2r3.audit from DISA MongoDB Enterprise Advanced 3.x v2r3 STIG | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | |
| DISA_STIG_Splunk_Enterprise_7.x_for_Windows_OS_v3r2.audit from DISA Splunk Enterprise 7.x for Windows v3r2 STIG | DISA STIG Splunk Enterprise 7.x for Windows v3r2 OS | Windows | |
| DISA_STIG_Splunk_Enterprise_7.x_for_Windows_REST_API_v3r2.audit from DISA Splunk Enterprise 7.x for Windows v3r2 STIG | DISA STIG Splunk Enterprise 7.x for Windows v3r2 REST API | Splunk | |
| DISA_STIG_Splunk_Enterprise_8.x_for_Linux_OS_v2r3.audit from DISA Splunk Enterprise 8.x for Linux v2r3 STIG | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG OS | Unix | |
| DISA_STIG_Splunk_Enterprise_8.x_for_Linux_REST_API_v2r3.audit from DISA Splunk Enterprise 8.x for Linux v2r3 STIG | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG REST API | Splunk | |
| DISA_STIG_VMware_vSphere_7.0_Photon_OS_v1r4.audit from DISA VMware vSphere 7.0 vCenter Appliance Photon OS v1r4 STIG | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_vCA_PostgreSQL_v1r2.audit from DISA VMware vSphere 7.0 vCenter Appliance PostgreSQL v1r2 STIG | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | |
| DISA_STIG_Windows_Firewall_v2r2.audit from DISA Microsoft Windows Defender Firewall with Advanced Security v2r2 STIG | DISA Microsoft Windows Defender Firewall with Advanced Security STIG v2r2 | Windows | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Lookup_Service_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Perfcharts_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | |
| GEN002860 - Audit logs must be rotated daily. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| IIST-SI-000239 - The IIS 10.0 websites must use ports, protocols, and services according to Ports, Protocols, and Services Management (PPSM) guidelines. | DISA IIS 10.0 Site v2r14 | Windows | CONFIGURATION MANAGEMENT |
| JUSX-DM-000030 - For local accounts created on the device, the Juniper SRX Services Gateway must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. | DISA Juniper SRX Services Gateway NDM v3r3 | Juniper | ACCESS CONTROL |
| JUSX-DM-000096 - The Juniper SRX Services Gateway must be configured to use an authentication server to centrally apply authentication and logon settings for remote and nonlocal access for device management. | DISA Juniper SRX Services Gateway NDM v3r3 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUSX-DM-000109 - For nonlocal maintenance sessions, the Juniper SRX Services Gateway must remove or explicitly deny the use of nonsecure protocols. | DISA Juniper SRX Services Gateway NDM v3r3 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000114 - The Juniper SRX Services Gateway must ensure TCP forwarding is disabled for SSH to prevent unauthorized access. | DISA Juniper SRX Services Gateway NDM v3r3 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000163 - The Juniper SRX Services Gateway must limit the number of sessions per minute to an organization-defined number for SSH to protect remote access management from unauthorized access. | DISA Juniper SRX Services Gateway NDM v3r3 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-IP-000002 - The Juniper Networks SRX Series Gateway IDPS must enforce approved authorizations by restricting or blocking the flow of harmful or suspicious communications traffic within the network as defined in the PPSM CAL and vulnerability assessments. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | ACCESS CONTROL |
| JUSX-IP-000010 - The Juniper Networks SRX Series Gateway IDPS must install updates for predefined signature objects, applications signatures, IDPS policy templates, and device software when new releases are available in accordance with organizational configuration management policy and procedures. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
