| 1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP address | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| 2.6 Ensure Password Complexity is Configured - validate_password_length | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_length | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_mixed_case_count | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_number_count | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_number_count | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_policy | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_policy | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_special_char_count | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_special_char_count | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_check_user_name | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_check_user_name | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_dictionary_file | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_length | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_mixed_case_count | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_number_count | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_number_count | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_special_char_count | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.1.8 Ensure the maximum log file lifetime is set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Ensure the maximum log file lifetime is set correctly | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Ensure the maximum log file lifetime is set correctly | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Ensure the maximum log file lifetime is set correctly | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Ensure the maximum log file lifetime is set correctly | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Ensure the maximum log file lifetime is set correctly | CIS PostgreSQL 16 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| Auto Backup via central management is not available or not configured. | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONTINGENCY PLANNING |
| Ensure 'Host Name' is set | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'Image Integrity' is correct | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| Ensure 'ip verify' is set to 'reverse-path' for untrusted interfaces | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb) | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging to monitor' is disabled | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'logging' is enabled | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure 'OSPF authentication' is enabled | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'Password Policy' is enabled - minimum-length | Tenable Cisco Firepower Best Practices Audit | Cisco | IDENTIFICATION AND AUTHENTICATION |
| Ensure 'SNMP community string' is not the default string | Tenable Cisco Firepower Best Practices Audit | Cisco | IDENTIFICATION AND AUTHENTICATION |
| Ensure 'SNMP traps' is enabled - coldstart | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'snmp-server group' is set to 'v3 priv' | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'snmp-server host' is set to 'version 3' | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'SSH source restriction' is set to an authorized IP address | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| Ensure 'threat-detection statistics' is set to 'tcp-intercept' | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'Unused Interfaces' is disable | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL |
| Ensure DNS services are configured correctly - domain-lookup | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure intrusion prevention is enabled for untrusted interfaces | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure known default accounts do not exist | Tenable Cisco Firepower Best Practices Audit | Cisco | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - AAA - RADIUS server is trusted | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - Review the patch update method | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| Fortigate - Review users with admin privileges | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - SNMP v3 is not enabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
