| 1.6.2 Ensure 'SSH version 2' is enabled | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.2 Ensure 'SSH version 2' is enabled | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Ensure the SharePoint setup account is configured with the minimum privileges on the SQL server. | CIS Microsoft SharePoint 2019 DB v1.0.0 | MS_SQLDB | |
| 2.5 Ensure the SharePoint setup account is configured with the minimum privileges on the SQL server - db_owner | CIS Microsoft SharePoint 2016 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| 2.5 Ensure the SharePoint setup account is configured with the minimum privileges on the SQL server. | CIS Microsoft SharePoint 2016 DB v1.1.0 | MS_SQLDB | |
| 2.6 Ensure the SharePoint farm service account (database access account) is configured with the minimum privileges on the SQL server - Owner | CIS Microsoft SharePoint 2016 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| 2.6 Ensure the SharePoint farm service account (database access account) is configured with the minimum privileges on the SQL server - Roles | CIS Microsoft SharePoint 2016 DB v1.1.0 | MS_SQLDB | |
| 3.8 Ensure the Lock File Is Secured - 'LockFile directory' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.8 Ensure the Lock File Is Secured - 'LockFile directory' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.8 Ensure the Lock File Is Secured - 'LockFile directory' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 3.8 Ensure the Lock File Is Secured - 'LockFile permissions' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 3.8 Ensure the Lock File Is Secured - 'LockFile permissions' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 6.1.2 Set SSH Protocol to 2 - Check if Protocol is set to 2 and not commented for client. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L2 MySQL RDBMS MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_error_verbosity' is Set to '2' | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_warnings' is Set to '2' | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_warnings' is Set to '2' | CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS on Linux MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_warnings' is Set to '2' | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure 'log_warnings' Is Set to '2' | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 6.4 Ensure That the Cloud SQL Database Instance Requires All Incoming Connections To Use SSL | CIS Google Cloud Platform Foundation v4.0.0 L1 | GCP | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2.1 Centralized Logging and Reporting | CIS FortiGate 7.4.x v1.0.1 L2 | FortiGate | AUDIT AND ACCOUNTABILITY |
| 7.3.1 Centralized Logging and Reporting | CIS Fortigate 7.0.x v1.4.0 L2 | FortiGate | AUDIT AND ACCOUNTABILITY |
| 18.6.7.4 (L1) Ensure 'Enable authentication rate limiter' is set to 'Enabled' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.6.7.7 (L1) Ensure 'Set authentication rate limiter delay (milliseconds)' is set to 'Enabled: 2000' or more | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 (L1) Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows Server 2025 v2.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.7.2 Ensure 'Configure Redirection Guard' is set to 'Enabled: Redirection Guard Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.77.1.5 Ensure 'Service Enabled' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v5.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ARST-L2-000220 - The Arista MLS layer 2 switch must have the native VLAN assigned to an ID other than the default VLAN for all 802.1q trunk links. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-L2-000220 - The Arista MLS layer 2 switch must have the native VLAN assigned to an ID other than the default VLAN for all 802.1q trunk links. | DISA Arista MLS EOS 4.X L2S STIG v2r3 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable IKE Version 1/2 - cipher-suite | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure SSH Protocol is set to 2 | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Excel 2 macrosheets and add-in files | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AP-300042 - The F5 BIG-IP appliance that intermediary services for FTP must inspect inbound and outbound FTP communications traffic for protocol compliance and protocol anomalies. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| IBMW-LS-000520 - The WebSphere Liberty Server must use FIPS 140-2 approved encryption modules when authenticating users and processes. | DISA IBM WebSphere Liberty Server STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000209 - A public OHS installation, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| Remove file extensions blocked as Level 2 | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - Layer 2 - WAN machines | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-031100 - SQL Server must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
