| 1.1.2 Enable 'aaa authentication login' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
| 1.8 Ensure 'Attachment Filtering Agent' is configured | CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.9 (L1) Host must restrict access to a default or native VLAN on standard virtual switches | CIS VMware ESXi 8.0 v1.3.0 L1 VMware | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 (L1) Ensure port groups are not configured to the value of the native VLAN | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure port groups are not configured to the value of the native VLAN | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure port groups are not configured to the value of the native VLAN | CIS VMware ESXi 6.5 v1.0.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| ARST-L2-000150 - The Arista MLS layer 2 switch must enable Unidirectional Link Detection (UDLD) to protect against one-way connections. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | CONFIGURATION MANAGEMENT |
| ARST-L2-000160 - The Arista MLS layer 2 switch must have all trunk links enabled statically. | DISA Arista MLS EOS 4.X L2S STIG v2r3 | Arista | CONFIGURATION MANAGEMENT |
| ARST-L2-000160 - The Arista MLS layer 2 switch must have all trunk links enabled statically. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | CONFIGURATION MANAGEMENT |
| CISC-L2-000100 - The Cisco switch must have BPDU Guard enabled on all user-facing or untrusted access switch ports. | DISA Cisco NX OS Switch L2S STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000120 - The Cisco switch must have Unknown Unicast Flood Blocking (UUFB) enabled. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000120 - The Cisco switch must have Unknown Unicast Flood Blocking (UUFB) enabled. | DISA Cisco NX OS Switch L2S STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000120 - The Cisco switch must have Unknown Unicast Flood Blocking (UUFB) enabled. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000200 - The Cisco switch must have all trunk links enabled statically. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-L2-000200 - The Cisco switch must have all trunk links enabled statically. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-L2-000210 - The Cisco switch must have all disabled switch ports assigned to an unused VLAN. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000220 - The Cisco switch must not have the default VLAN assigned to any host-facing switch ports. | DISA Cisco NX OS Switch L2S STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000220 - The Cisco switch must not have the default VLAN assigned to any host-facing switch ports. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000220 - The Cisco switch must not have the default VLAN assigned to any host-facing switch ports. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000250 - The Cisco switch must have all user-facing or untrusted ports configured as access switch ports. | DISA Cisco NX OS Switch L2S STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000250 - The Cisco switch must have all user-facing or untrusted ports configured as access switch ports. | DISA Cisco IOS XE Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000250 - The Cisco switch must have all user-facing or untrusted ports configured as access switch ports. | DISA Cisco IOS Switch L2S STIG v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000150 - The Cisco switch must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes. | DISA Cisco IOS XE Switch NDM STIG v3r5 | Cisco | ACCESS CONTROL |
| CISC-ND-000150 - The Cisco switch must be configured to enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes. | DISA Cisco IOS Switch NDM STIG v3r6 | Cisco | ACCESS CONTROL |
| CISC-ND-000330 - The Cisco switch must be configured to generate audit records containing the full-text recording of privileged commands. | DISA Cisco IOS Switch NDM STIG v3r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000330 - The Cisco switch must be configured to generate audit records containing the full-text recording of privileged commands. | DISA Cisco IOS XE Switch NDM STIG v3r5 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000550 - The Cisco switch must be configured to enforce a minimum 15-character password length. | DISA Cisco IOS XE Switch NDM STIG v3r5 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000550 - The Cisco switch must be configured to enforce a minimum 15-character password length. | DISA Cisco IOS Switch NDM STIG v3r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000570 - The Cisco switch must be configured to enforce password complexity by requiring that at least one uppercase character be used. | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000580 - The Cisco switch must be configured to enforce password complexity by requiring that at least one lower-case character be used. | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000590 - The Cisco switch must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000600 - The Cisco switch must be configured to enforce password complexity by requiring that at least one special character be used. | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources. | DISA Cisco IOS Switch NDM STIG v3r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources. | DISA Cisco IOS XE Switch NDM STIG v3r5 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001030 - The Cisco switch must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources. | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001050 - The Cisco switch must be configured to record time stamps for log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001260 - The Cisco switch must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA Cisco IOS XE Switch NDM STIG v3r5 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-ND-001260 - The Cisco switch must be configured to generate audit records when successful/unsuccessful logon attempts occur. | DISA Cisco IOS Switch NDM STIG v3r6 | Cisco | AUDIT AND ACCOUNTABILITY |
| DISA_STIG_Kubernetes_v2r5.audit from DISA Kubernetes v2r5 STIG | DISA STIG Kubernetes v2r5 | Unix | |
| DISA_STIG_Microsoft_Edge_v2r5.audit from DISA Microsoft Edge STIG v2r5 | DISA Microsoft Edge STIG v2r5 | Windows | |
| DISA_STIG_Mozilla_Firefox_v6r7_Linux.audit from DISA Mozilla Firefox v6r7 STIG | DISA STIG Mozilla Firefox Linux v6r7 | Unix | |
| DISA_STIG_Mozilla_Firefox_v6r7_MacOS.audit from DISA Mozilla Firefox v6r7 STIG | DISA STIG Mozilla Firefox MacOS v6r7 | Unix | |
| DISA_STIG_Mozilla_Firefox_v6r7_Windows.audit from DISA Mozilla Firefox v6r7 STIG | DISA STIG Mozilla Firefox Windows v6r7 | Windows | |
| DISA_STIG_Oracle_Database_11.2g_v2r5_Database.audit from DISA Oracle Database 11.2g v2r5 STIG | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | |
| System Alias and Banners - Switch CLI Banner | Tenable Cisco ACI | Cisco_ACI | ACCESS CONTROL |
| VCSA-70-000274 - The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000274 - The vCenter Server must not configure all port groups to virtual local area network (VLAN) values reserved by upstream physical switches. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000020 - The vCenter Server must not configure all port groups to VLAN values reserved by upstream physical switches. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000020 - All port groups must not be configured to VLAN values reserved by upstream physical switches. | DISA VMware vSphere vCenter Server Version 6 STIG v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-65-000020 - The vCenter Server for Windows must not configure all port groups to VLAN values reserved by upstream physical switches. | DISA VMware vSphere 6.5 vCenter Server for Windows STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
