| 1.7 Set 'Maximum number of recipients - organization level' to '5000' | CIS Microsoft Exchange Server 2016 Hub v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.7 Set 'Maximum number of recipients - organization level' to '5000' | CIS Microsoft Exchange Server 2013 Hub v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.18 Set 'Maximum receive size - connector level' to '10240' | CIS Microsoft Exchange Server 2016 Hub v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.3 Ensure 'Maximum receive size: Organization level' is set to '25' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.5 Ensure 'Maximum receive size: Connector level' is set to '25' | CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.13 Disable ICMP Redirect Messages - current ipv6 = off | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4.16 Ensure HTTP session overflow is 'disabled' | CIS IBM WebSphere Liberty v1.0.0 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.11 Ensure 'Dynamic IP Address Restrictions' is enabled - Deny By Request Rate | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.14 Set the 'on-failure' container restart policy to 5 - 'MaximumRetryCount' | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.14 Set the 'on-failure' container restart policy to 5 - RestartPolicyName=on-failure | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.28 Use PIDs cgroup limit | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.28 Use PIDs cgroup limit | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3 Set Maximum Connection Limits for Server and per User | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3 Set Maximum Connection Limits for Server and per User | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.5.1 Prevent virtual machines from taking over resources - Mem Share Level | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.5.1 Prevent virtual machines from taking over resources - Mem Share Level | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 36 - Configure connectionTimeout | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Access Security - SSH - Set connection-limit and rate-limit restrictions - rate-limit | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Firewall - Ensure winnuke protection is enabled | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Buffer overflow protection should be configured 'LimitRequestFields' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Control Plane Policing | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for IGMP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for L2TP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for PIM | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for VRRP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| DHCP snooping - authorized-server | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| DHCP snooping - global | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| Dynamic ARP Protection - port trust, vlans, and validate | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| Fortigate - reset-sessionless-tcp disabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Enable ARP protection' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| ICMP: Do not return unreachable messages | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Keep Alive setting parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Keep Alive Timeout setting value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MACsec | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxClients parameter value should be configured to appropriate value. | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Network Security - Drop TCP packets with the SYN and FIN flag combination | Juniper Hardening JunOS 12 Devices Checklist | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - Layer 2 - Threshold | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - Layer 2 - WAN machines | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - TCP - Enforce compliance | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| Spanning Tree: enable edge-port | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Spanning Tree: enable root-guard | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Block Port Space Probes | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop IKE Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop IP Source Route | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop SYN Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop UDP Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
