| 1.1 Secure Login and Telnet Disabling - Disable telnet server | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 1.4 SNMP Security - a) SNMP Community Security | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.6 Support Web Access Security - b) ssl-context field | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 SSH Strong Algorithm - e) Disable encryption aes256-cbc | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 SSH Strong Algorithm - g) Disable hmac md5 | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8 SSH Strong Algorithm - h) Disable hmac none | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.9 SSL Strong Algorithm - c) pki-profile | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 NTP Security Protection - b) NTP access-group | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Disable the Proxy ARP Function - b) No inter-vlan-proxy | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 2.4 Disable the IP Unreachable Function | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 3.2 Authentication and Verification of ISIS Routing Protocols - authentication | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 18.8.14.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.8.14.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.8.14.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 (L1) Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.13.1 Ensure 'Boot-Start Driver Initialization Policy' is set to 'Enabled: Good, unknown and bad but critical' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows Server 2016 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows 11 v24H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy - DriverLoadPolicy | MSCT Windows Server 2025 DC v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy - DriverLoadPolicy | MSCT Windows Server 2025 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Boot-Start Driver Initialization Policy - DriverLoadPolicy | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000750 - The application must be configured to block and quarantine malicious code upon detection, then send an immediate alert to appropriate individuals. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000750 - The application must be configured to block and quarantine malicious code upon detection, then send an immediate alert to appropriate individuals. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000760 - The application must be configured to block and quarantine malicious code upon detection, then send an immediate alert to appropriate individuals. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-DM-000146 - For nonlocal maintenance sessions using SNMP, the Juniper SRX Services Gateway must use and securely configure SNMPv3 with SHA to protect the integrity of maintenance and diagnostic communications. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | MAINTENANCE |
| OL07-00-020210 - The Oracle Linux operating system must enable SELinux. | DISA Oracle Linux 7 STIG v3r2 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-040400 - OL 8 must prevent nonprivileged users from executing privileged functions, including disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-08-010450 - RHEL 8 must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SLES-15-010419 - The SUSE operating system must use a file integrity tool to verify correct operation of all security functions. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SQL6-D0-000700 - SQL Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-22-651010 - Ubuntu 22.04 LTS must use a file integrity tool to verify correct operation of all security functions. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
