| 4.2.3 Ensure that the --client-ca-file argument is set as appropriate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Worker | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.3 Ensure that the --client-ca-file argument is set as appropriate | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Worker | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.4 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.1.4 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
| 9.1.4 (L1) Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.4 (L1) Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | AUDIT AND ACCOUNTABILITY |
| 9.3.6 (L1) Ensure 'Windows Firewall: Public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\publicfw.log' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | AUDIT AND ACCOUNTABILITY |
| 38.6 (L1) Ensure 'Enable Domain Network Firewall: Log File Path' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| 38.13 (L1) Ensure 'Enable Private Network Firewall: Log File Path' is set to '%SystemRoot%\System32\logfiles\firewall\privatefw.log' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | AUDIT AND ACCOUNTABILITY |
| Account Management - Review account groups assigned to 'netadmin' | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | ACCESS CONTROL |
| Account Management - Review account groups assigned to 'netadmin' | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | ACCESS CONTROL |
| Citrix ADC - NTP - Synchronization | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADC - System Parameters - FIPS mode | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADC - System Parameters - Idle Session Timeout | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADM - NTP - Synchronization | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADM - SSL - Settings - TLSv1.1 | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Configure Control Plane Security Parameters | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Configure IPsec Tunnel Parameters - rekey | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Content of Audit Records - Configure disk logging - file rotate | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure disk logging - file size | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure disk logging - file size | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure disk logging - priority level | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure remote syslog - priority level | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Ensure 'ip verify' is set to 'reverse-path' for untrusted interfaces | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'logging' is enabled | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure 'Password Policy' is enabled - minimum-length | Tenable Cisco Firepower Best Practices Audit | Cisco | IDENTIFICATION AND AUTHENTICATION |
| Ensure 'SNMP traps' is enabled - coldstart | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'snmp-server group' is set to 'v3 priv' | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'snmp-server host' is set to 'version 3' | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'SSH source restriction' is set to an authorized IP address | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure known default accounts do not exist | Tenable Cisco Firepower Best Practices Audit | Cisco | IDENTIFICATION AND AUTHENTICATION |
| Event Logging - Configure remote syslog - server | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Event Logging - Configure remote syslog - server | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Flaw Remediation - Review version of running image | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | CONFIGURATION MANAGEMENT |
| Flaw Remediation - Review version of running image | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | SYSTEM AND INFORMATION INTEGRITY |
| Identification and Authentication - Use out of band authentication - AAA - audit logging | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - AAA - netconf logging | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Secure Name/address Resolution Service - Configure DNS servers - Primary | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Session Termination - Configure Idle CLI timeout | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| Session Termination - Configure Idle CLI timeout | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | ACCESS CONTROL |
| System Backup - Enable Backups - interval | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | CONTINGENCY PLANNING |
| System Backup - Enable Backups - path | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | CONTINGENCY PLANNING |
| System Use Notification - Banner motd | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| System Use Notification - Banner motd | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | ACCESS CONTROL |
| Time Stamps - Enable NTP - remote server | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Time Stamps - Enable NTP - timezone | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
