| 3.4 Ensure SQL Authentication is not used in contained databases | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL |
| 3.8 Ensure only the default permissions specified by Microsoft are granted to the public server role | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure 'Software Update' returns 'Your software is up to date.' | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Ensure 'Software Update' returns 'Your software is up to date.' | MobileIron - CIS Apple iOS 17 Institution Owned L1 | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 7.2 Ensure Asymmetric Key Size is set to' greater than or equal to 2048' in non-system databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SQL Server Browser Service' is configured correctly | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 8.1 Ensure 'SQL Server Browser Service' is configured correctly | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SQL Server Browser Service' is configured correctly | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SQL Server Browser Service' is configured correctly | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure 'SQL Server Browser Service' is configured correctly | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 8.1 Ensure 'SQL Server Browser Service' is configured correctly | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Account Management - Review account groups assigned to 'netadmin' | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Account Management - Review disabled user accounts | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | ACCESS CONTROL |
| Account Management - Review disabled user accounts | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Change the Rekeying Timer | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Change the Size of the Anti-Replay Window | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Configure an IPsec Tunnel | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Configure IPsec Tunnel Parameters - cipher-suite | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Configure IPsec Tunnel Parameters - replay-window | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Content of Audit Records - Configure disk logging - enable | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure disk logging - enable | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure disk logging - enable | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure disk logging - file rotate | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure disk logging - file rotate | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure disk logging - file size | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure disk logging - priority level | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure remote syslog - priority level | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure remote syslog - priority level | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Enable IKE Version 1/2 - cipher-suite | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Event Logging - Configure remote syslog - server | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Flaw Remediation - Review version of running image | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | SYSTEM AND INFORMATION INTEGRITY |
| Identification and Authentication - Use out of band authentication - AAA - audit logging | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - AAA - audit logging | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - AAA - audit logging | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - Admin Authentication Order | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - Admin Authentication Order | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - Server IP | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Secure Name/address Resolution Service - Configure DNS servers - Primary | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Secure Name/address Resolution Service - Configure DNS servers - Primary | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Secure Name/address Resolution Service - Configure DNS servers - Secondary | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Session Termination - Configure Idle CLI timeout | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | ACCESS CONTROL |
| System Backup - Enable Backups - path | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | CONTINGENCY PLANNING |
| System Use Notification - Banner Login | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| System Use Notification - Banner Login | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | ACCESS CONTROL |
| Time Stamps - Enable NTP - remote server | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Time Stamps - Enable NTP - timezone | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
