| 3.5.1.5 Ensure firewalld default zone is set | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.4 Ensure default zone is set | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 (L1) Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Member Server | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.2 Ensure 'Windows Firewall: Domain: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.3 (L1) Ensure 'Windows Firewall: Domain: Outbound connections' is set to 'Allow (default)' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.5 Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater' - 16,384 KB or greater | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.2 (L1) Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.2 Ensure 'Windows Firewall: Private: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.5 Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater' - 16,384 KB or greater | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.5 Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater' - 16,384 KB or greater | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.6 Ensure 'Windows Firewall: Private: Logging: Size limit (KB)' is set to '16,384 KB or greater' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 (L1) Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.2 Ensure 'Windows Firewall: Public: Inbound connections' is set to 'Block (default)' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.3 (L1) Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.3 (L1) Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.3 (L1) Ensure 'Windows Firewall: Public: Outbound connections' is set to 'Allow (default)' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.5 Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater' - 16,384 KB or greater | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.8 Ensure 'Windows Firewall: Public: Logging: Size limit (KB)' is set to '16,384 KB or greater' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 20.21 Ensure 'DoD Root Certificate Authority (CA) certificates' are installed in the 'Trusted Root Store' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.28 Ensure 'Fax Server role' is set to 'Not Installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.28 Ensure 'Fax Server role' is set to 'Not Installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| JUEX-RT-000500 - The Juniper perimeter router must be configured to restrict it from accepting outbound IP packets that contain an illegitimate address in the source address field via egress filter or by enabling Unicast Reverse Path Forwarding (uRPF). | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
