| 1.1 Secure Login and Telnet Disabling - Enable SSH server | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 1.1.3.2.1.1 Ensure 'Allow Trusted Locations on the network' is set to Disabled | CIS Microsoft Office Access 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.2 Password Security Policy - a) The default password length shouldn't be below 8 characters | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - c) Configure 'strong-password dictionary' and 'same-consecutive' to avoid weak password - strong-password dictionary | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - d) Check either of the following words exist in configuration file | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - e) Check for strong-password max-length | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - e) Check for strong-password max-length - strong-password date-check enable | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.3 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 15.0 Sequoia v2.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 26 Tahoe v1.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 13.0 Ventura v4.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 14.0 Sonoma v3.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.4 SNMP Security - a) SNMP Community Security | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.4 SNMP Security - b) SNMP server | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.7.2.3.1 Ensure 'Allow Trusted Locations on The Network' to Disabled | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.7.2.3.1 Ensure 'Allow Trusted Locations on The Network' to Disabled | CIS Microsoft Office Excel 2016 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.5 FTP/SFTP Access Authorization - login-type-allowed | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 1.6 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.6 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 12.0 Monterey v4.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.6 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.6 Ensure Install of macOS Updates Is Enabled | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.6 Support Web Access Security - a) ciphersuite | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6 Support Web Access Security - b) ssl-context field | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 SSH Strong Algorithm - e) Disable encryption aes256-cbc | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 SSH Strong Algorithm - g) Disable hmac md5 | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.7.2.3.1 Ensure 'Allow Trusted Locations on the Network' is set to Disabled | CIS Microsoft Office Word 2013 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.9 SSL Strong Algorithm - a) Version | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.9 SSL Strong Algorithm - b) ciphersuite | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 NTP Security Protection - b) NTP access-group | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 NTP Security Protection - c) NTP Auth-key encrypted | Tenable ZTE ROSNG | ZTE_ROSNG | AUDIT AND ACCOUNTABILITY |
| 2.3 Disable the Proxy ARP Function - d) No local-proxy-arp | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 2.3.3.9 Ensure Media Sharing Is Disabled | CIS Apple macOS 14.0 Sonoma v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.3.10 Ensure Media Sharing Is Disabled | CIS Apple macOS 13.0 Ventura v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.4.12 Ensure Media Sharing Is Disabled | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.5 Product Default Banner | Tenable ZTE ROSNG | ZTE_ROSNG | ACCESS CONTROL |
| 4.11 Install verified packages only | CIS Docker 1.12.0 v1.0.0 L2 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.3.2.2.2 Ensure password number of changed characters is configured | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.2.2.2 Ensure password number of changed characters is configured | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| EX19-MB-000124 - Exchange Message size restrictions must be controlled on Receive connectors. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-DM-000277 - The BIG-IP appliance must create backups of system-level information contained in the information system when changes occur or weekly, whichever is sooner. | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| FGFW-ND-000185 - The FortiGate device must support organizational requirements to conduct backups of information system documentation, including security-related documentation, when changes occur or weekly, whichever is sooner. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| JUNI-ND-001400 - The Juniper router must be configured to support organizational requirements to conduct backups of the configuration when changes occur. | DISA STIG Juniper Router NDM v3r2 | Juniper | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| TNS_Salesforce_Best_Practices_v1.2.0.audit from TNS Salesforce Best Practices Audit v1.2.0 | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| WBLC-01-000033 - Oracle WebLogic must enforce the organization-defined time period during which the limit of consecutive invalid access attempts by a user is counted. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WBLC-01-000033 - Oracle WebLogic must enforce the organization-defined time period during which the limit of consecutive invalid access attempts by a user is counted. | Oracle WebLogic Server 12c Windows v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WBLC-01-000033 - Oracle WebLogic must enforce the organization-defined time period during which the limit of consecutive invalid access attempts by a user is counted. | Oracle WebLogic Server 12c Linux v2r2 | Unix | CONFIGURATION MANAGEMENT |
| WG400 A22 - All interactive programs (CGI) must be placed in a designated directory with appropriate permissions. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | ACCESS CONTROL |
| WG400 A22 - All interactive programs (CGI) must be placed in a designated directory with appropriate permissions. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | ACCESS CONTROL |
