| 1.4.3.3 Ensure 'aaa authentication secure-http-client' is configured correctly | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | ACCESS CONTROL |
| 2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.8.1 (L1) Ensure 'Microsoft network client: Digitally sign communications (always)' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.3 Ensure that the --client-ca-file argument is set as appropriate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Worker | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.3 Ensure that the --client-ca-file argument is set as appropriate | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Worker | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.3 Ensure that the --client-ca-file argument is set as appropriate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Worker | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.1.3 Ensure journald is configured to send logs to rsyslog | CIS Amazon Linux 2023 Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 18.8.22.1.11 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.22.1.12 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 2 v3.3.1 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.22.1.12 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L2 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| 18.8.22.1.12 Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.22.1.12 Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 (L2) Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Windows Server 2012 R2 DC L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 Ensure 'Turn off the Windows Messenger Customer Experience Improvement Program' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| Account Management - Review account groups assigned to 'netadmin' | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | ACCESS CONTROL |
| Citrix ADC - NTP - Synchronization | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADC - System Parameters - FIPS mode | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADC - System Parameters - Idle Session Timeout | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Citrix ADM - NTP - Synchronization | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | AUDIT AND ACCOUNTABILITY |
| Citrix ADM - SSL - Settings - TLSv1.1 | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | SYSTEM AND COMMUNICATIONS PROTECTION |
| Citrix ADM - System Settings - Session Timeout | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | ACCESS CONTROL |
| Configure Control Plane Security Parameters | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | SYSTEM AND COMMUNICATIONS PROTECTION |
| Content of Audit Records - Configure disk logging - file size | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Content of Audit Records - Configure remote syslog - priority level | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Disable the Office client from polling the SharePoint Server for published links | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Ensure 'console session timeout' is less than or equal to '5' minutes | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL |
| Ensure 'Failover' is enabled | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'noproxyarp' is enabled for untrusted interfaces | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure DHCP services are disabled for untrusted interfaces - dhcprelay | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure non-default application inspection is configured correctly | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| ESXI-06-000045 - The system must enable a persistent log location for all locally stored logs. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| Event Logging - Configure remote syslog - server | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| Flaw Remediation - Review version of running image | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | SYSTEM AND INFORMATION INTEGRITY |
| Identification and Authentication - Use out of band authentication - AAA - audit logging | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Identification and Authentication - Use out of band authentication - AAA - netconf logging | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | IDENTIFICATION AND AUTHENTICATION |
| Session Termination - Configure Idle CLI timeout | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | ACCESS CONTROL |
| System Backup - Enable Backups - path | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | CONTINGENCY PLANNING |
| System Use Notification - Banner motd | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | ACCESS CONTROL |
| System Use Notification - Banner motd | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | ACCESS CONTROL |
| Time Stamps - Enable NTP - timezone | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000500 - The Application event log size must be configured to 32768 KB or greater. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
