| 2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3. OpenStack Compute - Policy.json - 'os_compute_api:os-assisted-volume-snapshots:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 10. OpenStack Compute - Policy.json - 'os_compute_api:os-console-auth-tokens' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 11. OpenStack Compute - Policy.json - 'os_compute_api:os-lock-server:unlock' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 18. OpenStack Compute - Policy.json - 'compute_extension:flavor_access:removeTenantAccess' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 26. OpenStack Compute - Policy.json - 'compute_extension:admin_actions' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 30. OpenStack Compute - Policy.json - 'os_compute_api:os-pci:detail' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 32. OpenStack Compute - Policy.json - 'os_compute_api:os-cells:create' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 89.30 (L1) Ensure 'Profile System Performance' is set to 'Administrators, NT SERVICE\WdiServiceHost' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 105. OpenStack Compute - Policy.json - 'os_compute_api:os-flavor-extra-specs:delete' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 108. OpenStack Compute - Policy.json - 'admin_or_owner' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 111. OpenStack Compute - Policy.json - 'os_compute_api:os-aggregates:add_host' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 117. OpenStack Compute - Policy.json - 'compute_extension:floating_ips_bulk' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 122. OpenStack Compute - Policy.json - 'compute_extension:admin_actions:resume' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 127. OpenStack Compute - Policy.json - 'compute_extension:admin_actions:createBackup' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| 145. OpenStack Compute - Policy.json - 'os_compute_api:server-metadata:update_all' | TNS OpenStack Nova/Compute Security Guide | Unix | ACCESS CONTROL |
| ACLs: Filter for RFC 1918 addresses (192.168.0.0/16) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (192.0.2.0/24) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (192.42.172.0/24) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (203.0.113.0/24) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (224.0.0.0/4) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (240.0.0.0/4) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (255.255.255.255/32) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Authentication: a backup remote authentication server is available | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | ACCESS CONTROL |
| Authentication: local authentication is available as a last resort | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| BGP: Disable Capability Negotiation | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for ICMP - echo-reply | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for ICMP - source quench | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for ICMP - time exceeded | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for RSVP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-002400 - The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| GEN006560 - The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| ICMP: Do not return Proxy ARP requests | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ICMP: Do not return redirect messages | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Logging: capture level is set to at least info | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| Login: FTP is disabled | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| Login: SSH is enabled | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| PANW-IP-000033 - To protect against unauthorized data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code. | DISA STIG Palo Alto IDPS v3r2 | Palo_Alto | ACCESS CONTROL |
| PANW-IP-000045 - Palo Alto Networks security platform components, including sensors, event databases, and management consoles must integrate with a network-wide monitoring capability. | DISA STIG Palo Alto IDPS v3r2 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| Password Complexity: Require a minimum length of 8 characters | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| SNMP: configure access groups to use privacy | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| SNMP: configure community strings | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| SNMP: Use SNMPv3 only | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| Time: NTP servers use an authentication key | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| Time: System has a primary NTP server set | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| TiMOS/SR-OS : OS Version is up to date | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| TNS_IBM_HTTP_Server_Linux_Best_Practice.audit | TNS IBM HTTP Server Best Practice | Unix | |
| TNS_OpenStack_Networking_Security_Guide.audit | TNS OpenStack Neutron/Networking Security Guide | Unix | |
| uRPF: Unicast Reverse Path Forwarding (uRPF) is Enabled | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
