| 1.1.4.1.1 Ensure select data center regions for meetings/webinars hosted by your account is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.2 Use the updated Linux Kernel | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.12 Disable chargen-dgram | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.15 Disable daytime-stream | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.17 Disable echo-stream | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.2 Set LogLevel to INFO | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.4 Disable SSH X11 Forwarding | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.5 Set SSH MaxAuthTries to 4 or Less | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.2.6 Set SSH IgnoreRhosts to Yes | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.8 Disable SSH Root Login | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.2.10 Do Not Allow Users to Set Environment Options - PermitUserEnvironment no | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.4 Restrict root Login to System Console | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 7.1 (L2) Virtual machines must enable Secure Boot | CIS VMware ESXi 8.0 v1.2.0 L2 | VMware | CONFIGURATION MANAGEMENT, MAINTENANCE |
| ALMA-09-006950 - The AlmaLinux OS 9 debug-shell systemd service must be disabled. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| Disable promiscuous mode on all network interfaces | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Disallow unplug detection on the storage network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Enable only necessary and secure services, protocols, daemons - 'lwsmd' | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Ensure IP forwarding is disabled | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Configure Management VLAN' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Disable SNMPv2' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| HP ProCurve - 'Disable Telnet' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Disable TFTP client' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Enable ARP protection' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Enable HTTPS' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Enable SFTP' | TNS HP ProCurve | HPProCurve | SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Privilege mode is configured' | TNS HP ProCurve | HPProCurve | IDENTIFICATION AND AUTHENTICATION |
| HP ProCurve - 'Secure Management VLAN is configured' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| HP ProCurve - 'Secure Management VLAN is enabled' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Management Services Security - Community strings and USM passwords should be difficult to guess and should follow a policy - community | Juniper Hardening JunOS 12 Devices Checklist | Juniper | IDENTIFICATION AND AUTHENTICATION |
| O121-OS-011200 - The OS must limit privileges to change the DBMS software resident within software libraries (including privileged programs). | DISA STIG Oracle 12c v3r2 Linux | Unix | CONFIGURATION MANAGEMENT |
| Snapshots are not present | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - AAA - RADIUS server is trusted | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - AV License - Not Licensed | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Content Filtering On - LAN | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Disable insecure services - HTTP | TNS SonicWALL v5.9 | SonicWALL | |
| SonicWALL - Flood Protection - Layer 2 - Threshold | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - Layer 2 - WAN machines | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - TCP - Enforce compliance | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - TCP - Max Seg Lifetime | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Log Alert Emails - Enabled | TNS SonicWALL v5.9 | SonicWALL | AUDIT AND ACCOUNTABILITY |
| SonicWALL - Login Banner - Wireless Zone | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Use non default admin access ports - 'SSH' | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - User Inactivity Timeout - 5 minutes or less | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| Use a static IP on the management network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Enable only necessary and secure services, protocols, daemons - 'sshd' | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Enable port locking by default on the VM guest network | TNS Citrix XenServer | Unix | |
| XenServer - Enable remote syslog | TNS Citrix XenServer | Unix | AUDIT AND ACCOUNTABILITY |
| XenServer - Ensure IP forwarding is disabled | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - Identify a network interface to be used for storage access | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - Install a trusted CA certificate on the pool | TNS Citrix XenServer | Unix | |
