| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - HTTPS | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - HTTPS | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMP | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMP | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SSH | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SSH | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 2.2.26 Ensure ldap_tls_cacert is set for LDAP - config | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.2.27 Ensure ldap_id_use_start_tls is set for LDAP - LDAP authentication communications. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.2.28 Ensure ldap_tls_reqcert is set for LDAP - LDAP communications. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 4.39 listener.ora - 'secure_control_listener_name = (TCP,IPC)' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 4.39 listener.ora - 'secure_control_listener_name = (TCP,IPC)' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 4.40 listener.ora - 'secure_protocol_listener_name = (TCP,IPC)' | CIS v1.1.0 Oracle 11g OS L1 | Unix | ACCESS CONTROL |
| 4.40 listener.ora - 'secure_protocol_listener_name = (TCP,IPC)' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | ACCESS CONTROL |
| 4.41 listener.ora - 'secure_register_listener_name = (TCP,IPC)' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 4.41 listener.ora - 'secure_register_listener_name = (TCP,IPC)' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 5.02 OAS - 'Encryption Type - sqlnet.encryption_server = REQUIRED' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 5.02 OAS - 'Encryption Type - sqlnet.encryption_server = REQUIRED' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 5.03 OAS - 'Encryption Type - sqlnet.encryption_client = REQUIRED' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 5.03 OAS - 'Encryption Type - sqlnet.encryption_client = REQUIRED' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 5.05 OAS - 'Integrity Protection - sqlnet.crypto_checksum_client = REQUIRED' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 5.05 OAS - 'Integrity Protection - sqlnet.crypto_checksum_client = REQUIRED' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 5.05 OAS - 'Integrity Protection - sqlnet.crypto_checksum_server = REQUIRED' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 5.05 OAS - 'Integrity Protection - sqlnet.crypto_checksum_server = REQUIRED' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 5.06 OAS - 'Integrity Protection - sqlnet.crypto_checksum_types_server = (SHA1)' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 5.06 OAS - 'Integrity Protection - sqlnet.crypto_checksum_types_server = (SHA1)' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 5.16 OAS - 'SSL Client Authentication - ssl_client_authentication = TRUE' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 12.51 Remote Administration of Listener - 'Use encryption if remote administration is required' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 18.9.59.3.9.5 Ensure 'Set client connection encryption level' is set to 'Enabled: High Level' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.9.59.3.9.5 Ensure 'Set client connection encryption level' is set to 'Enabled: High Level' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.9.97.2.3 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - Service | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - WinRM Service | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - WinRM Service | MSCT Windows 10 1809 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - WinRM Service | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| DG0093-ORACLE11 - Remote adminstrative connections to the database should be encrypted - 'Remote admin connections are encrypted' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG0093-ORACLE11 - Remote adminstrative connections to the database should be encrypted - all protocols use TCPS' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| ESXi: esxi-8.ssh-fips | VMware vSphere Security Configuration and Hardening Guide 8.0 - Bare Metal Host | Unix | ACCESS CONTROL |
| ESXi: esxi-8.tls-profile | VMware vSphere Security Configuration and Hardening Guide 8.0 - Bare Metal Host | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005507 - SSH daemon must be configured to only use MACs employing FIPS 140-2 approved cryptographic hash algorithms | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005512 - The SSH client must only use MACs employing FIPS 140-2 approved cryptographic hash algorithms | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server v1909 DC v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| WG230 W22 - Web server administration must be performed over a secure path or at the local console. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | ACCESS CONTROL |
