| 1.1 Secure Login and Telnet Disabling - Disable telnet server | Tenable ZTE ROSNG | ZTE_ROSNG | CONFIGURATION MANAGEMENT |
| 1.2 Ensure that the SharePoint Central Administration Site is TLS-enabled - HTTPS | CIS Microsoft SharePoint 2016 OS v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2 Ensure that the SharePoint Central Administration Site is TLS-enabled - Port 443 | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2 Password Security Policy - d) Check either of the following words exist in configuration file | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.2 Password Security Policy - e) Check for strong-password max-length - strong-password username-related-chk inverse | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.4 SNMP Security - a) SNMP Community Security | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 1.4 SNMP Security - b) SNMP server | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.7.8 Ensure GDM autorun-never is enabled | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | MEDIA PROTECTION |
| 1.7.8 Ensure GDM autorun-never is enabled | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | MEDIA PROTECTION |
| 1.9 SSL Strong Algorithm - a) Version | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.9 SSL Strong Algorithm - b) ciphersuite | Tenable ZTE ROSNG | ZTE_ROSNG | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.24 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.24 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.26 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.2.29 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.2.29 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.2.29 Ensure 'Deny log on as a service' to include 'No one' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.2.30 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.30 Ensure 'Deny log on as a service' to include 'Enterprise Admins Group and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.31 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS' (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.32 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.32 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (DC only) | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.32 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' and (when the Web Server (IIS) Role with Web Services Role Service is installed) 'IIS_IUSRS' (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.2.46 Ensure 'Manage auditing and security log' is set to 'Administrators' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.1.3 Ensure 'Accounts: Guest account status' is set to 'Disabled' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.5 Product Default Banner | Tenable ZTE ROSNG | ZTE_ROSNG | ACCESS CONTROL |
| 3.4 Ensure Auto-Scaling Launch Configuration for App-Tier is configured to use an approved Amazon Machine Image | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | CONFIGURATION MANAGEMENT |
| 4.1.2.1 Ensure local user Home directories exists | CIS IBM AIX 7 v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.2 Configuring syslog - remote logging - *.info;auth.none in /etc/syslog.conf | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3 (L1) Ensure email from external senders is identified | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 6.2.3 (L1) Ensure email from external senders is identified | CIS Microsoft 365 Foundations v5.0.0 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| CIS Control 3 (3.4(a)) Deploy Automated Operating System Patch Management Tools | CAS Implementation Group 1 Audit File | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CIS Control 3 (3.4(b)) Deploy Automated Operating System Patch Management Tools | CAS Implementation Group 1 Audit File | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CIS Control 3 (3.4(c)) Deploy Automated Operating System Patch Management Tools | CAS Implementation Group 1 Audit File | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Cisco_ASA_9.x_Firewall_v1.1.0_L1.audit from CIS Cisco ASA 9.x Firewall Benchmark v1.1.0 | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | |
| CIS_Cisco_ASA_9.x_Firewall_v1.1.0_L2.audit from CIS Cisco ASA 9.x Firewall Benchmark v1.1.0 | CIS Cisco ASA 9.x Firewall L2 v1.1.0 | Cisco | |
| CIS_Cisco_IOS_XE_16.x_v2.1.0_L1.audit from CIS Cisco IOS XE 16.x Benchmark v2.1.0 | CIS Cisco IOS XE 16.x v2.1.0 L1 | Cisco | |
| CIS_Cisco_IOS_XE_16.x_v2.1.0_L2.audit from CIS Cisco IOS XE 16.x Benchmark v2.1.0 | CIS Cisco IOS XE 16.x v2.1.0 L2 | Cisco | |
| CIS_Cisco_IOS_XE_17.x_v2.1.1_L2.audit from CIS Cisco IOS XE 17.x Benchmark v2.1.1 | CIS Cisco IOS XE 17.x v2.1.1 L2 | Cisco | |
| CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L1.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | |
| CIS_Microsoft_Windows_10_Stand-alone_v3.0.0_L2.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v3.0.0 | CIS Microsoft Windows 10 Stand-alone v3.0.0 L2 | Windows | |
| CIS_Microsoft_Windows_11_Stand-alone_v4.0.0_L1.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | |
| CIS_Microsoft_Windows_11_Stand-alone_v4.0.0_L2.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 | Windows | |
| CIS_v4.1.0_Cisco_Firewall_ASA_9_Level_1.audit for Cisco ASA 9 from CIS Cisco Firewall Benchmark v4.1.0 | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | |
| SP13-00-000015 - SharePoint must utilize approved cryptography to protect the confidentiality of remote access sessions. | DISA STIG SharePoint 2013 v2r4 | Windows | ACCESS CONTROL |
| SP13-00-000120 - SharePoint must maintain the confidentiality of information during aggregation, packaging, and transformation in preparation for transmission. When transmitting data, applications need to leverage transmission protection mechanisms such as TLS, SSL VPNs, or IPSec. | DISA STIG SharePoint 2013 v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-65-000057 - The vCenter Server for Windows must enable TLS 1.2 exclusively. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| WN16-00-000360 - The Microsoft FTP service must not be installed unless required. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
