| 1.1 Remove extraneous files and directories (CONFIG_DIR/Catalina/localhost/host-manager.xml) | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories (CONFIG_DIR/Catalina/localhost/manager.xml) | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories (CONFIG_DIR/Catalina/localhost/manager.xml) | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories (WEBAPP_DIR/js-examples) | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories (WEBAPP_DIR/tomcat-docs) | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 1.5.3 Ensure prelink is disabled | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.0 Install & Config - 'Disable FTP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable NDMP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable RSH' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SNMPv1' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable TFTP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Enable FilerView HTTPS' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Enable Secure Admin Access - 'autologout.telnet.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'ssh.idle.timeout <= 60' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'ssh.port = 22' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.2 Disable/Modify Default Accts - 'security.passwd.rootaccess.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.4 Password Security - 'maximum password age <= 90' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.firstlogin.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.rules.maximum >= 14' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Network & IP Options - 'ip.fastpath.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.7 Network & IP Options - 'ip.icmp_ignore_redirect.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.8 Protocol Access Controls - 'httpd.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.snapmirror has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'snmp.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Data ONTAP (Software) Mgmt - 'Set SSH login banner' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 4.3 Ensure 'Automatic Downloads' of 'App Updates' is set to 'Enabled' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Ensure 'Software Update' returns 'Your software is up to date.' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Ensure 'Software Update' returns 'Your software is up to date.' | MobileIron - CIS Apple iOS 18 v1.0.0 L1 End User Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.7 Ensure 'Automatic Downloads' of 'App Updates' is set to 'Enabled' | AirWatch - CIS Apple iOS 17 Institution Owned L1 | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.7 Ensure 'Automatic Downloads' of 'App Updates' is set to 'Enabled' | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.7 Ensure 'Automatic Downloads' of 'App Updates' is set to 'Enabled' | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 5.1 MultiStore - 'MultiStore protocol is disabled' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.2 SnapMirror - 'replication.throttle.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 SnapMirror - 'snapmirror.allow file should be reviewed' | TNS NetApp Data ONTAP 7G | NetApp | |
| 5.3 SnapVault - 'SnapVault protocol is disabled' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.4 CIFS - 'cifs.audit.autosave.ontime.interval has been configured' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.4 CIFS - 'cifs.LMCompatibilityLevel <= 3' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 5.4 CIFS - 'cifs.smb2.signing.required = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'dns.update.enable = on or secure' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'ldap.security.level = 1 or 2' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'ldap.ssl.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'timed.servers has been configured' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.5 NFS - 'nfs.kerberos.file_keytab.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5 NFS - 'nfs.kerberos.principal has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5 NFS - 'nfs.v4.write_delegation = on' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.5 NFS - 'wafl.nt_admin_priv_map_to_root = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| Control which extensions cannot be installed | MSCT Microsoft Edge Version 79 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DB2X-00-005300 - In the event of a system failure, DB2 must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes - Recovery Plan | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbawarnings - access | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCST-70-000008 - The Security Token Service application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
