| 1.2 (L1) Ensure the Image Profile VIB acceptance level is configured properly | CIS VMware ESXi 7.0 v1.5.0 L1 Bare Metal | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.2 Ensure the Image Profile VIB acceptance level is configured properly | CIS VMware ESXi 6.5 v1.0.0 Level 1 Bare Metal | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Ensure the Image Profile VIB acceptance level is configured properly | CIS VMware ESXi 6.7 v1.3.0 Level 1 Bare Metal | Unix | SYSTEM AND SERVICES ACQUISITION |
| 8.4.16 Disable Trash Folder State | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.1 Disable VMware Tools auto install | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| Fortigate - Admin password lockout >= 300 seconds | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - Admin SCP - 'disabled' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - Disable insecure services - TELNET | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Fortigate - Disable SSHv1 admin access | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Fortigate - DNS - primary server | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| Fortigate - External Logging - 'syslog2' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Fortianalyzer2 Logs - severity 'information' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Local Logging - severity 'information' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Log WAN optimization messages | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Password Complexity - 1 lowercase letter | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - Password Complexity - 4 char difference | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - reset-sessionless-tcp disabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| Fortigate - Send malware statistics to FortiGuard 'Disabled' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Fortigate - Webfilter License - Not Expired | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = Facebook Error URL' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Janrain Consumer Secret' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Authorized Endpoint URL' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Send Client Credentials in Header' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Token Issuer' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect User Info Endpoint URL' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Email Services - 'AttachmentOption != 2 or 3' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'AuthenticationFailureAction != 2 or 3' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'AuthorizationFailureAction != 2' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'IsAuthenticationRequired = True' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Monitoring Login History - 'Inactive users' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Monitoring Login History - 'No users are password locked' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Network-Based Security - 'Trusted IP Range has been defined' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND COMMUNICATIONS PROTECTION |
| Salesforce.com : Object Permissions - 'DefaultCampaignAccess should not be Public Full Access or Public Read/Write' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Setting Password Policies - 'Obscure secret answer for password resets = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Setting Session Security - 'Disable timeout warning = false' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| vCenter: vcenter-8.administration-sso-password-policy | VMware vSphere Security Configuration and Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCUI-80-000134 The vCenter UI service shutdown port must be disabled. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCWN-06-000029 - The system must enable all tasks to be shown to Administrators in the Web Client. | DISA VMware vSphere vCenter Server Version 6 STIG v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-65-000004 - The vCenter Server for Windows must terminate management sessions after 10 minutes of inactivity. | DISA VMware vSphere 6.5 vCenter Server for Windows STIG v2r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VM : disable-unexposed-features-memsfss | VMWare vSphere 6.5 Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000010 - The unexposed feature keyword isolation.bios.bbs.disable must be set. | DISA VMware vSphere Virtual Machine Version 6 STIG v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000019 - The unexposed feature keyword isolation.tools.unity.disable must be set. | DISA VMware vSphere Virtual Machine Version 6 STIG v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000021 - The unexposed feature keyword isolation.tools.unity.push.update.disable must be set. | DISA VMware vSphere Virtual Machine Version 6 STIG v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000026 - The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be set. | DISA VMware vSphere Virtual Machine Version 6 STIG v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000021 - The unexposed feature keyword isolation.tools.unity.push.update.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000022 - The unexposed feature keyword isolation.tools.unity.taskbar.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000023 - The unexposed feature keyword isolation.tools.unityActive.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000025 - The unexposed feature keyword isolation.tools.vmxDnDVersionGet.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-65-000026 - The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be set on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
