| 1.1.2 - AirWatch - Enable 'Password' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.1.2 - AirWatch - Enable Passcode Lock - 'Passcode Required = true' | AirWatch - CIS Apple iOS 8 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.1.3 - AirWatch - Enable 'Require alphanumeric value' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 - AirWatch - Remove Entries in 'Wi-Fi' | AirWatch - CIS Google Android 4 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.1.14 - AirWatch - Disable 'make passwords visible' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.1.15 - AirWatch - Enable 'Encrypt phone' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.2 Ensure 'Screen Lock' is set to Enabled | AirWatch - CIS Google Android 7 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.2.9 - AirWatch - Turn On Do Not Track | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.2.9 - AirWatch - Turn On Do Not Track | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.4 Ensure 'Automatically Lock' is set to 'Immediately' | AirWatch - CIS Google Android 7 v1.0.0 L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.2.2 - AirWatch - Do Not Allow Simple Value | AirWatch - CIS Apple iOS 8 v1.0.0 L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.2.3 - AirWatch - Require alphanumeric value | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.1.1 - AirWatch - Enable 'Require password' | AirWatch - CIS Apple iOS 8 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 3.1.2 - AirWatch - Enable 'Require alphanumeric value' | AirWatch - CIS Apple iOS 8 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.1.2 - AirWatch - Enable 'Require alphanumeric value' | AirWatch - CIS Apple iOS 9 v1.0.0 L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| Alertmail server not configured or this feature is not available on the device | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| Auto Backup via central management is not available or not configured. | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONTINGENCY PLANNING |
| Ensure 'aaa local authentication max failed attempts' is set to less than or equal to '3' | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL |
| Ensure 'EIGRP authentication' is enabled | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'HTTP session timeout' is less than or equal to '5' minutes | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'Image Authenticity' is correct | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb) | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging to monitor' is disabled | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'SNMP traps' is enabled - authentication | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'SNMP traps' is enabled - linkdown | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'SNMP traps' is enabled - linkup | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| Ensure 'threat-detection statistics' is set to 'tcp-intercept' | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'TLS 1.0' is set for HTTPS access | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'Unused Interfaces' is disable | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL |
| Ensure DNS services are configured correctly - domain-lookup | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure email logging is configured for critical to emergency | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure intrusion prevention is enabled for untrusted interfaces | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure packet fragments are restricted for untrusted interfaces | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure timezone is properly configured | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| EX19-ED-000159 - Exchange must limit the Receive connector timeout. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | ACCESS CONTROL |
| Fortigate - AAA - LDAP server is trusted | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - AAA - RADIUS server is trusted | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - AAA - TACACS+ server is trusted | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - Review the patch update method | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| Fortigate - Review users with admin privileges | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - SNMP v3 auth-priv is not enabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Fortigate - SNMP v3 is not enabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-09-005505 - The Google Android Pie must be configured to enable audit logging. | AirWatch - DISA Google Android 9.x v2r1 | MDM | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| KNOX-07-012400 - The Samsung Android 7 with Knox must implement the management setting: Disable Allow New Admin Install. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-018200 - The Samsung must be configured to Add the MDM Client application to the Battery optimizations modes Whitelist. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-006100 - The Motorola Android Pie must be configured to generate audit records for the following auditable events: detected integrity violations. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| MOTO-09-006100 - The Motorola Android Pie must be configured to generate audit records for the following auditable events: detected integrity violations. | AirWatch - DISA Motorola Android Pie.x COBO v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| SNMP is not enabled. SNMP specific checks not performed. | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - SSL Control - Detect SSLv2 | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
