| 1.2.1 Ensure GPG keys are configured | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS Amazon Linux 2 v3.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS CentOS Linux 7 v4.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1 Ensure GPG keys are configured | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1.1 Ensure GPG keys are configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1.1 Ensure GPG keys are configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.1 Enable Secure Admin Access - 'httpd.timeout <= 300' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'ssh.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Enable Secure Admin Access - 'ssh.access is not unlimited' | TNS NetApp Data ONTAP 7G | NetApp | |
| 2.1.12 (L1) Ensure the connection filter IP allow list is not used | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 2.2 Disable/Modify Default Accts - 'alternate admin account has been created (snmp)' | TNS NetApp Data ONTAP 7G | NetApp | |
| 2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.1.5 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Password Security - 'security.passwd.rules.history = 6' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Logging - 'auditlog.max_file_size has been configured' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 2.7 Network & IP Options - 'ip.ping_throttle.alarm_interval >= 15' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.8 Protocol Access Controls - 'interface.blocked.mgmt_data_traffic = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.nfs is not blank' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.snapmirror is not blank' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1 Storage System (Hardware) Management - 'Place the interface on a management VLAN' | TNS NetApp Data ONTAP 7G | NetApp | |
| 3.1 Storage System (Hardware) Management - 'Strong Password root account' | TNS NetApp Data ONTAP 7G | NetApp | |
| 3.2 Data ONTAP (Software) Mgmt - 'Telnet login banner' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 3.2.1.10 Ensure 'Allow users to accept untrusted TLS certificates' is set to 'Disabled' | MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.8 Ensure at/cron is restricted to authorized users - at.deny does not exist | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.1.8 Ensure at/cron is restricted to authorized users - cron.allow | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.2 SnapMirror - 'replication.throttle.outgoing.max_kbs has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 SnapMirror - 'SnapMirror protocol is disabled' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.4 CIFS - 'cifs.audit.autosave.onsize.threshold has been configured' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.4 CIFS - 'cifs.audit.liveview.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.4 CIFS - 'cifs.audit.nfs.filter.filename has been configured' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.4 CIFS - 'cifs.guest_account is not configured' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 5.4 CIFS - 'cifs.signing.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'cifs.smb2.durable_handle.timeout' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 5.4 CIFS - 'timed.window = 5m' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.5 NFS - 'nfs.v2.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.5 NFS - 'nfs.v4.id.domain has been configured' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.5 NFS - 'wafl.default_security_style has been configured' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.5 NFS - 'wafl.default_unix_user has been configured' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| IBM i : Use Adopted Authority (QUSEADPAUT) - AUTH_LIST_NAME | IBM System i Security Reference for V7R2 | AS/400 | ACCESS CONTROL |
| IBM i : Use Adopted Authority (QUSEADPAUT) - AUTH_LIST_NAME | IBM System i Security Reference for V7R3 | AS/400 | ACCESS CONTROL |
| JUEX-RT-000050 - The Juniper BGP router must be configured to reject outbound route advertisements for any prefixes that do not belong to any customers or the local autonomous system (AS). | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| VBA Macro Notification Settings - vbadigsigtrustedpublishers - access | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbadigsigtrustedpublishers - word | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VBA Macro Notification Settings - vbarequirelmtrustedpublisher - visio | MSCT M365 Apps for enterprise 2312 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLU-70-000008 - Lookup Service application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
| WBSP-AS-000940 - The WebSphere Application Server must remove JREs left by web server and plug-in installers in the DMZ. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WN12-CC-000019 - Remote access to the Plug and Play interface must be disabled for device installation. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
