| 1 - Application specific logging - start.jar --module=logging | TNS Best Practice Jetty 9 Linux | Unix | |
| 2 - Remove or Disable Example Content - enable-welcome-root | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.LEVEL=INFO | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StrErrLog | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3 - Audit Logging - Logger | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3 - Configure log file size limit - Settings | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 7 - SSL implementation - start.ini --module=http | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7 - SSL implementation - start.ini --module=https | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7 - SSL implementation - start.ini --module=ssl | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7 - SSL implementation - start.jar --module=http | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 12 - Restrict access to logs directory - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 12 - Restrict access to logs directory - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 15 - Authentication | TNS Best Practice JBoss 7 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| 15 - Restrict access to web application directory - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 16 - ORB Subsystem - Initializers On | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 16 - Restrict access to JETTY.policy - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 17 - Restrict access to JETTY.properties - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 19 - Restrict access to logging.properties - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 20 - Enable Encryption | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20 - Restrict access to server.xml - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 23 - Strong password policy must be established | TNS Best Practice Jetty 9 Linux | Unix | |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/doc | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/servlet-example | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 25 - Disable Unused Connectors | TNS Best Practice Jetty 9 Linux | Unix | |
| 34 - Ensure Web content directory is on a separate partition from the system files | TNS Best Practice Jetty 9 Linux | Unix | |
| 35 - Do not allow custom header status messages | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 36 - Configure connectionTimeout | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 38 - Force SSL for all applications | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 39 - Increase the entropy in session identifiers | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Ensure the default 'admin' username is not used | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : Firewall - Ensure winnuke protection is enabled | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Password Policy - no weak passwords | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Secure Web Access - HTTP disabled | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Host version | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Huawei: Command Levels Not Changed | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Configure appropriate NTP server | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: Disable Telnet on IPV4 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Enable AAA authentication | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: Enable SNMP Traps | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: Insecure HTTP is not configured. | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Require Group for SNMPv3 Access | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Huawei: Require SSH version 2 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Set super password | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: SNMP Community string != private | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| List halted VMs | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| List running VMs | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| List security roles | TNS Citrix Hypervisor | Unix | ACCESS CONTROL |
| List VM memory allocations | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Review accounts used to mount remote storage | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| The hosts.deny file blocks access by default | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
