| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 10 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.3 Ensure 'Enable Log on High DP Load' is enabled | CIS Palo Alto Firewall 10 v1.2.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.3 Ensure 'Enable Log on High DP Load' is enabled | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.3 Ensure 'Enable Log on High DP Load' is enabled | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.18 - AirWatch - Limit the 'number of messages' for 'Text message limit' | AirWatch - CIS Google Android 4 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.4 SNMP Security - c) SNMP Security Protection Function | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7 Network & IP Options - 'ip.ping_throttle.drop_level <= 100' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 3.3 Authentication and Verification of BGP Routing Protocols | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 5.29 Ensure that the PIDs cgroup limit is used | CIS Docker v1.7.0 L1 Docker - Linux | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Ensure MaxKeepAliveRequests Is Set Properly | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Ensure MaxKeepAliveRequests Is Set Properly | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Ensure MaxKeepAliveRequests is Set to a Value of 100 or Greater | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.16.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 22.1 (L1) Ensure 'DO Download Mode' is NOT set to 'HTTP blended with Internet Peering' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 23.1 (L1) Ensure 'DO Download Mode' is NOT set to 'HTTP blended with Internet Peering' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 100. OpenStack Identity - Policy.json - 'identity:list_policies' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 100. OpenStack Networking - Policy.json - 'get_subnet' | TNS OpenStack Neutron/Networking Security Guide | Unix | ACCESS CONTROL |
| Buffer overflow protection should be configured 'LimitRequestFields' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-002780 - PIDs cgroup limits must be used in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAVSEL-100 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ESXI-80-000113 - The ESXi host must allocate audit record storage capacity to store at least one week's worth of audit records. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | VMware | AUDIT AND ACCOUNTABILITY |
| ESXi: esxi-8.logs-audit-local-capacity | VMware vSphere Security Configuration and Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
| EX13-EG-000315 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000325 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000630 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000630 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000650 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000105 - The FortiGate device must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000420 - The Juniper EX switch must be configured to generate an immediate real-time alert of all audit failure events requiring real-time alerts. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG110 A22 - The number of allowed simultaneous requests must be set. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG110 A22 - The number of allowed simultaneous requests must be set. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG110 W22 - The number of allowed simultaneous requests must be set. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WINER-000012 - The maximum number of error reports to archive on a system must be configured to 100 or greater. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN10-CC-000206 - Windows Update must not obtain updates from other PCs on the internet. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
