| 2.1.1.4 Audit Security Keys Used With Apple Accounts | CIS Apple macOS 15.0 Sequoia v1.0.0 L2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2.1.4 Ensure 'Force encrypted backups' is set to 'Enabled' | AirWatch - CIS Apple iOS 17 Benchmark v1.1.0 End User Owned L1 | MDM | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.3.10 Ensure Media Sharing Is Disabled | CIS Apple macOS 14.0 Sonoma v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.10 Ensure Media Sharing Is Disabled | CIS Apple macOS 13.0 Ventura v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.1 Ensure 'Allow simple value' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.4.1 Ensure 'Allow simple value' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.4.1 Ensure 'Allow simple value' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.4.2 Ensure 'Require alphanumeric value' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.4.2 Ensure 'Require alphanumeric value' is set to 'Enabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.4.2 Ensure 'Require alphanumeric value' is set to 'Enabled' | AirWatch - CIS Apple iOS 17 v1.1.0 End User Owned L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.4.2 Ensure 'Require alphanumeric value' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.4.12 Ensure Media Sharing Is Disabled | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.7.1 iCloud configuration | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | |
| 2.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled' | MobileIron - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 2.7.2 Ensure 'Allow Mail Drop' is set to 'Disabled' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 6.5.1 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated ciphers | CIS VMware ESXi 8.0 v1.1.0 L1 Bare Metal | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.13 Apple Watch features with macOS | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| Adtran : Device Info | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Device Version | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Ensure 'EIGRP authentication' is enabled | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'HTTP session timeout' is set to organzational policy | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | ACCESS CONTROL |
| Ensure 'HTTP source restriction' is set to an authorized IP address | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | ACCESS CONTROL |
| Ensure 'ip verify' is set to 'reverse-path' for untrusted interfaces | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'logging buffered severity ' is greater than or equal to '3' | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging trap' is enabled | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging with timestamps' is enabled - show logging | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'RIP authentication' is enabled | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'SNMP community string' is not the default string | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | IDENTIFICATION AND AUTHENTICATION |
| Ensure 'SNMP traps' is enabled - coldstart | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'SNMP traps' is enabled - linkdown | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'SNMP traps' is enabled - linkup | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'snmp-server group' is set to 'v3 priv' | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'snmp-server group' is set to 'v3 priv' - show snmp-server | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | CONFIGURATION MANAGEMENT |
| Ensure 'threat-detection statistics' is set to 'tcp-intercept' | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'TLS 1.0' is set for HTTPS access | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'Unused Interfaces' is disable | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | ACCESS CONTROL |
| Ensure DHCP services are disabled for untrusted interfaces - dhcpd | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | CONFIGURATION MANAGEMENT |
| Ensure email logging is configured for critical to emergency | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure email logging is enabled | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure packet fragments are restricted for untrusted interfaces | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Extreme : Device Info | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | CONFIGURATION MANAGEMENT |
| Extreme : License Info | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | CONFIGURATION MANAGEMENT |
| Extreme : switch Info | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | CONFIGURATION MANAGEMENT |
| Huawei: HTTPS Server is configured | TNS Huawei VRP Best Practice Audit | Huawei | |
| Huawei: HTTPS Server is not configured | TNS Huawei VRP Best Practice Audit | Huawei | |
| Huawei: Review Device Info/Version | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| WatchGuard : Review ABS Policy Listing | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
