| 1.1 Secure Login and Telnet Disabling - Disable telnet server | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 1.1.6 Ensure 'Store passwords using reversible encryption' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - b) The password must include either three of 'number', 'capital', 'lowercase', 'special-character' or set the 'character-set-num' value to 3-4 | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - f) The validity period of an account can be configured | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.4 SNMP Security - a) SNMP Community Security | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.5 FTP/SFTP Access Authorization - login-type-allowed | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 1.5 FTP/SFTP Access Authorization - sftp top-directory | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 1.6 Support Web Access Security - a) ciphersuite | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 SSH Strong Algorithm - g) Disable hmac md5 | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 NTP Security Protection - a) Enable NTP | Tenable ZTE ROSNG | ZTE_ROSNG | AUDIT AND ACCOUNTABILITY |
| 2.2 NTP Security Protection - b) NTP access-group | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 NTP Security Protection - c) NTP Auth-key encrypted | Tenable ZTE ROSNG | ZTE_ROSNG | AUDIT AND ACCOUNTABILITY |
| 2.2.5 (L1) Ensure 'Allow log on locally' is set to 'Administrators' | CIS Microsoft Windows Server 2025 Stand-alone v1.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.2.8 (L1) Ensure 'Allow log on locally' is set to 'Administrators' (MS only) | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.8 (L1) Ensure 'Allow log on locally' is set to 'Administrators' (MS only) | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.8 Ensure 'Allow log on locally' is set to 'Administrators' (MS only) | CIS Microsoft Windows Server 2025 v2.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.8 Ensure 'Allow log on locally' is set to 'Administrators' (MS only) | CIS Microsoft Windows Server 2022 v5.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Disable the Proxy ARP Function - b) No inter-vlan-proxy | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 2.4 Disable the IP Unreachable Function | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 3.1 Authentication and Verification of OSPF Routing Protocols - message-digest-key | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 3.2 Authentication and Verification of ISIS Routing Protocols - authentication | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 3.2 Set 'Require Client Certificates' to 'Required' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | |
| 3.2 Set 'Require Client Certificates' to 'Required' | CIS Microsoft Exchange Server 2013 CAS v1.1.0 | Windows | |
| 6.2.3 (L1) Ensure email from external senders is identified | CIS Microsoft 365 Foundations v6.0.1 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 6.2.3 (L1) Ensure email from external senders is identified | CIS Microsoft 365 Foundations v6.0.1 L1 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 18.10.24.1 (L1) Ensure 'EMET 5.52' or higher is installed | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS Control 1 (1.4) Maintain Detailed Asset Inventory | CAS Implementation Group 1 Audit File | Unix | CONFIGURATION MANAGEMENT |
| CIS Control 6 (6.2(b)) Activate Audit Logging | CAS Implementation Group 1 Audit File | Unix | AUDIT AND ACCOUNTABILITY |
| CIS Control 10 (10.1) Ensure Regular Automated Backups | CAS Implementation Group 1 Audit File | Unix | CONTINGENCY PLANNING |
| CIS_Amazon_Linux_2_STIG_v2.0.0_L1_Server.audit from CIS Amazon Linux 2 STIG v2.0.0 | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | |
| CIS_Bottlerocket_v1.0.0_L1.audit from CIS Bottlerocket Benchmark Level 1 | CIS Bottlerocket L1 | Unix | |
| CIS_CentOS_Linux_7_v4.0.0_L1_Workstation.audit from CIS CentOS Linux 7 Benchmark v4.0.0 | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | |
| CIS_Cisco_IOS_15_v4.1.1_Level_2.audit from CIS Cisco IOS 15 Benchmark | CIS Cisco IOS 15 L2 v4.1.1 | Cisco | |
| CIS_Debian_Linux_9_Workstation_v1.0.1_L1.audit from CIS Debian Linux 9 Benchmark | CIS Debian 9 Workstation L1 v1.0.1 | Unix | |
| CIS_Google_Chrome_L2_v3.0.0.audit from CIS Google Chrome Benchmark v3.0.0 | CIS Google Chrome L2 v3.0.0 | Windows | |
| CIS_Microsoft_Windows_Server_2022_v5.0.0_L1_MS.audit from CIS Microsoft Windows Server 2022 5.0.0 | CIS Microsoft Windows Server 2022 v5.0.0 L1 MS | Windows | |
| CIS_Microsoft_Windows_Server_2022_v5.0.0_NG_DC.audit from CIS Microsoft Windows Server 2022 5.0.0 | CIS Microsoft Windows Server 2022 v5.0.0 NG DC | Windows | |
| CIS_Oracle_Linux_7_v4.0.0_L1_Workstation.audit from CIS Oracle Linux 7 Benchmark v4.0.0 | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | |
| CIS_Oracle_Server_18c_v1.1.0_L1_Windows.audit from CIS Oracle Database 18c Benchmark v1.1.0 | CIS Oracle Server 18c Windows v1.1.0 | Windows | |
| CIS_PostgreSQL_16_v1.1.0_L1_OS_Linux_Unix.audit from CIS PostgreSQL 16 Benchmark v1.1.0 | CIS PostgreSQL 16 v1.1.0 L1 OS Linux Unix | Unix | |
| CIS_SUSE_Linux_Enterprise_16_v1.0.0_L2_Workstation.audit from CIS SUSE Linux Enterprise 16 1.0.0 | CIS SUSE Linux Enterprise 16 v1.0.0 L2 Workstation | Unix | |
| CIS_Ubuntu_Linux_22.04_LTS_v3.0.0_L2_Server.audit from CIS Ubuntu Linux 22.04 LTS 3.0.0 | CIS Ubuntu Linux 22.04 LTS v3.0.0 L2 Server | Unix | |
| CIS_Ubuntu_Linux_24.04_LTS_v1.0.0_L1_Server.audit from CIS Ubuntu Linux 24.04 LTS 1.0.0 | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | |
| SP13-00-000135 - SharePoint must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission, unless the transmitted data is otherwise protected by alternative physical measures. | DISA Microsoft SharePoint 2013 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
