| Fortigate - Auto backup is configured - 'FortiManager' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONTINGENCY PLANNING |
| Fortigate - AV License - Not Expired | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Fortigate - Disable insecure services - TELNET | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Fortigate - Does not use self-signed certificate - 'admin' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - External Logging - 'fortianalyzer' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - External Logging - 'syslogd' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - full-final-warning-threshold <= 95% | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - full-first-warning-threshold <= 75% | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - HTTPS/SSH admin access strong ciphers | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - Inactivity timeout - 'console' <= 5 | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - Local Logging is enabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Log WAN optimization messages | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - SNMP community string - 'public' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - SNMP v3 uses AES instead of DES | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| Fortigate - SSH login grace time <= 30 seconds | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - System event logging | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - VPN event logging | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Salesforce.com : AuthConfig - 'Auth Providers = Facebook Consumer Key' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Facebook Error URL' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Janrain Consumer Secret' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Janrain Error URL' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Janrain Execution User ID' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Janrain is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = MicrosoftACS Authorized Endpoint URL' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect Default Scope' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : AuthConfig - 'Auth Providers = OpenIdConnect' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Salesforce Execution User ID' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : AuthConfig - 'Auth Providers = Salesforce is not configured' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : CronTrigger - 'Cron Jobs with Status of ERROR' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
| Salesforce.com : Email Services - 'IsAuthenticationRequired = True' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Email Services - 'IsErrorRoutingEnabled = True' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND INFORMATION INTEGRITY |
| Salesforce.com : Monitoring Login History - 'Inactive users' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | IDENTIFICATION AND AUTHENTICATION |
| Salesforce.com : Monitoring Login History - 'No users are frozen' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Network-Based Security - 'Trusted IP Range has been defined' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND COMMUNICATIONS PROTECTION |
| Salesforce.com : Network-Based Security - 'Trusted IP Ranges exist' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND COMMUNICATIONS PROTECTION |
| Salesforce.com : Object Permissions - 'DefaultCalendarAccess should not be Show Details or Show Details and Add Events' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Object Permissions - 'DefaultCaseAccess should not be Public Read/Write or Public Read/Write/Transfer' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Object Permissions - 'DefaultLeadAccess should not be Public Read/Write or Public Read/Write/Transfer' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Object Permissions - 'DefaultOpportunityAccess should not be Public Read/Write or Public Read/Write/Transfer' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Setting Password Policies - 'lockout period >= 30 minutes' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| Salesforce.com : Setting Session Security - 'Enable clickjack protection for non-setup customer Visualforce pages = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | SYSTEM AND COMMUNICATIONS PROTECTION |
| Salesforce.com : Setting Session Security - 'Lock session to IP = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | ACCESS CONTROL |
| SalesForce.com : Setting Session Security - 'Review Active Users' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| SalesForce.com : Setting Session Security - 'Review Inactive Users' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Salesforce console User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Salesforce CRM Content User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review user types' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Review Work.com User' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
| Salesforce.com : Setting Session Security - 'Use POST requests for cross-domain sessions = true' | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | CONFIGURATION MANAGEMENT |
