| 1.6.2 Ensure 'SSH version 2' is enabled | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.11 Disable Apache services - Make sure that network/http:apache2 is disabled. | CIS Solaris 10 L1 v5.2 | Unix | |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS MySQL 8.0 Community Database L2 v1.1.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 18.6.4.1 (L1) Ensure 'Configure NetBIOS settings' is set to 'Enabled: Disable NetBIOS name resolution on public networks' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v2.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.9 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Windows Server 2019 v3.0.1 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.9 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.9 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.9 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.11 (L1) Ensure 'Manage processing of Queue-specific files' is set to 'Enabled: Limit Queue-specific files to Color profiles' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.18.3 (L1) Ensure 'Enable App Installer Hash Override' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.76.1.3 (L1) Ensure 'Notify Password Reuse' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set. | DISA Microsoft Office System 2016 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable IKE Version 1/2 - cipher-suite | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office 97-2003 files | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office 97-2003 files | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure DHCP services are disabled for untrusted interfaces - dhcpd | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure SSH Protocol is set to 2 | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Excel 2 macrosheets and add-in files | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Excel 2 macrosheets and add-in files | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SI-000203 - A private IIS 10.0 website must only accept Secure Socket Layer (SSL) connections. | DISA IIS 10.0 Site v2r11 | Windows | ACCESS CONTROL |
| IISW-SI-000204 - A public IIS 8.5 website must only accept Secure Socket Layer connections when authentication is required. | DISA IIS 8.5 Site v2r9 | Windows | ACCESS CONTROL |
| IISW-SV-000154 - A web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000008 - Office applications must be configured to specify encryption type in password-protected Office 97-2003 files. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000255 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance when encrypting stored data - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Remove file extensions blocked as Level 2 | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Remove file extensions blocked as Level 2 | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Remove file extensions blocked as Level 2 | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000237 - Oracle WebLogic must limit the use of resources by priority and not impede the host from servicing processes designated as a higher-priority. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000237 - Oracle WebLogic must limit the use of resources by priority and not impede the host from servicing processes designated as a higher-priority. | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000237 - Oracle WebLogic must limit the use of resources by priority and not impede the host from servicing processes designated as a higher-priority. | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
