| 1.1.3.14.2 Set 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 Set 'External send connector authentication: Ignore Start TLS' to 'False' | CIS Microsoft Exchange Server 2016 Edge v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.12 Set 'External send connector authentication: Domain Security' to 'True' | CIS Microsoft Exchange Server 2016 Edge v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.13.2.4 Ensure 'Message Formats' is set to Enabled:S/MIME and Fortezza | CIS Microsoft Office Outlook 2016 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.160 WN19-DC-000140 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.221 WN10-SO-000230 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.241 WN16-SO-000430 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon --tlscert | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon -tlsverify | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Configure TLS authentication for Docker daemon -tlsverify | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Set 'Configure startup mode' to 'TLS' | CIS Microsoft Exchange Server 2013 UM v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.17 Set 'Support the following message formats:' to 'Enabled:S/MIME and Fortezza' | CIS MS Office Outlook 2010 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.19 Set 'Require client MAPI encryption' to 'True' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.25.8 Ensure 'Encryption Type for Password Protected Office Open XML Files' is set to Enabled | CIS Microsoft Office 2016 v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | AirWatch - CIS Apple iOS 10 v2.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | AirWatch - CIS Apple iOS 12 v1.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.2.3 Ensure 'setCookieSecureFlag' secure attribute is set to 'true' for the `JWT` cookie. | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.2.6 Ensure 'httpOnlyCookies' HttpOnly attribute is set to 'True' for the authentication cookies | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.5 Ensure that secure ciphers suites are configured | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.15 Ensure 'httpsRequired' is set to 'true' in SAML | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4.14 Ensure 'invalidateOnUnauthorizedSessionRequestException' is set to 'false' | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Set 'Secure Protocol combinations' to 'Enabled:Only use TLS 1.0' | CIS IE 9 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6 - Encryption | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.4 Ensure secure is set to true only for SSL-enabled Connectors (verify secure is set to true) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.7 Ensure Signing Keys are Unique | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.11 Use Only Approved Cipher in Counter Mode | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.8.4.1 Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 29 - Ensure secure is set to true only for SSL-enabled Connectors | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow fallback to SSL 3.0 (Internet Explorer) | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow users to proceed from the HTTPS warning page | MSCT Edge v89 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow users to proceed from the HTTPS warning page | MSCT Edge v136 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Configure SIP security mode | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows Server v2004 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows 11 v24H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation - AllowEncryptionOracle | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption type for password protected Office 97-2003 files | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| HTTP vs. HTTPS - ssl | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| Minimum TLS version enabled | MSCT Microsoft Edge Version 81 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Minimum TLS version enabled | MSCT Edge v86 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Protect document metadata for rights managed Office Open XML Files | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Routing Protocol Security - Select the strongest algorithm that is supported by your equipment and your neighbors - ISIS | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Routing Protocol Security - Select the strongest algorithm that is supported by your equipment and your neighbors - RIP | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Turn off encryption support | MSCT Windows 10 v22H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Turn off encryption support | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
