| 1.3.1 Ensure AIDE is installed | CIS Amazon Linux 2023 Server L1 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.1 Ensure AIDE is installed | CIS Red Hat EL8 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.1 Ensure AIDE is installed | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.1.1 Ensure AIDE is installed | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.1.1 Ensure AIDE is installed | CIS AlmaLinux OS 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| Administrative actions are logged | TNS Citrix Hypervisor | Unix | AUDIT AND ACCOUNTABILITY |
| Disable promiscuous mode on all network interfaces | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Enable only necessary and secure services, protocols, daemons - 'lwsmd' | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Ensure IP forwarding is disabled | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Configure login attempts' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL |
| HP ProCurve - 'Configure Management VLAN' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Disable Telnet' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Disable TFTP server' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Enable ARP protection' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Enable SFTP' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Secure Management VLAN is enabled' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Install a trusted certificate in place of the default self-signed SSL certificate | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Restrict allowed IPv4 addresses used by each VM guest | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Snapshots are not present | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Ensure default 'admin' username is not used | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - Anti-Spyware - WLAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - AutoDownload Firmware - Enabled | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Flood Protection - Layer 3 - Attack Threshold | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - Layer 3 - Protection Mode | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Login Banner - Trusted Zone | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Password Policy - Affected User types | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - Password Policy - Affected User types - limited-admins | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - Password Policy - Change Period <=30 days | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - PW Policy - Lockout - Num Attempts <=3 | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Security Services - IDP - Activated | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Unused Interfaces | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Use non default admin access ports - HTTPS | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Web Interface - Does not use self-signed cert | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| Use a static IP on the management network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Use a static IP on the storage network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 10 v21H2 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 11 v22H2 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows 11 v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server v1909 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
| User Account Control: Detect application installations and prompt for elevation | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| XenServer - All network interfaces are operating in full-duplex mode | TNS Citrix XenServer | Unix | |
| XenServer - Auto-start is not enabled | TNS Citrix XenServer | Unix | |
| XenServer - Enable only necessary and secure services, protocols, daemons - 'sshd' | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Enable QoS on all VM guests | TNS Citrix XenServer | Unix | |
| XenServer - Host is enabled | TNS Citrix XenServer | Unix | |
| XenServer - Passwords stored in 'secrets' are not visible | TNS Citrix XenServer | Unix | |
| XenServer - Restrict allowed IPv4 addresses used by each VM guest | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - Use a static IP on the management network interface | TNS Citrix XenServer | Unix | |
