| 1.7.2 Ensure 'TLS 1.0' is set for HTTPS access | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.7.2 Ensure 'TLS 1.2' is set for HTTPS access | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.7.3 Ensure 'SSL AES 256 encryption' is set for HTTPS access | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.5.1 Ensure 'VPN' is 'Configured' | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1 Ensure 'VPN' is 'Configured' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1 Ensure 'VPN' is 'Configured' | MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1 Ensure 'VPN' is 'Configured' | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1 Use TSIG Keys 256 Bits in Length | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Weak Protocols are Disabled | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Weak Protocols are Disabled | CIS MongoDB 6 v1.2.0 L1 MongoDB | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Weak Protocols are Disabled | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Weak Protocols are Disabled | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption) | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption) | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Use Unique Keys for Each Pair of Hosts - unique keys | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Use Unique Keys for Each Pair of Hosts - unique keys | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Use Unique Keys for Each Pair of Hosts - unique secret | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Protect TSIG Key Files During Deployment | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.4 Ensure SSH Protocol is set to 2 | CIS Debian 9 Server L1 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.13 Ensure only strong Ciphers are used | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.13 Ensure only strong Ciphers are used | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.14 Ensure only strong Key Exchange algorithms are used | CIS Debian Family Server L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.14 Ensure only strong Key Exchange algorithms are used | CIS Debian Family Workstation L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used | CIS Debian 9 Server L1 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.15 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.14 Ensure only strong Ciphers are used - approved ciphers | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.14 Ensure only strong Ciphers are used - approved ciphers | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.14 Ensure only strong Ciphers are used - weak ciphers | CIS CentOS 6 Server L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.14 Ensure only strong Ciphers are used - weak ciphers | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - approved algorithms | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - sshd | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - sshd_config | CIS CentOS 6 Server L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - sshd_config | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.16 Ensure only strong Key Exchange algorithms are used - weak algorithms | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.4 Ensure secure is set to true only for SSL-enabled Connectors - verify secure is set to true | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure mod_ssl and/or mod_nss Is Installed | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure a Valid Trusted Certificate Is Installed | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure SSLv2 is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure Weak SSL Protocols Are Disabled - 'TLSv1' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure TLS 1.1 is Disabled | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'VirtualHost SSLHonorCipherOrder = On' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.6 Ensure Insecure SSL Renegotiation Is Not Enabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Ensure SSL Compression is Not Enabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.9 Ensure All Web Content is Accessed via HTTPS | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.9 Ensure All Web Content is Accessed via HTTPS | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure the TLSv1.0 and TLSv1.1 Protocols are Disabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
