| 3.1.1 Disable IPv6 - sysctl all | CIS Debian Family Server L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.1 Disable IPv6 - sysctl all | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.1 Disable IPv6 - sysctl default | CIS Debian Family Workstation L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.1 Disable IPv6 - sysctl default | CIS Debian Family Server L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.2 Ensure that all Namespaces have Network Policies defined | CIS Google Kubernetes Engine (GKE) v1.7.0 L2 | GCP | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.22 sqlnet.ora - 'Set tcp.excluded_nodes to valid values' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.14 Ensure a secure Data Filtering profile is applied to all security policies allowing traffic to or from the Internet | CIS Palo Alto Firewall 11 v1.1.0 L1 | Palo_Alto | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.97.2.4 Ensure 'Disallow WinRM from storing RunAs credentials' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules - Private Profile | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enable Firewall Logging | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enable Firewall Logging | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS Control 12 (12.4(b)) Deny Communications Over Unauthorized Ports | CAS Implementation Group 1 Audit File | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'Active Directory All blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'CIM Secure Server allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'CIM SLP allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'DHCP Client allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'DHCPv6 blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'DVFilter blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'DVSSync blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'Fault Tolerance blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'gdbserver blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'HBR allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'httpClient blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'IKED blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'NFC allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'NFS Client blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'NTP Client blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'SNMP Server allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'Software iSCSI Client blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'SSH Client blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'syslog blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'VM serial port connected over network blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'VM serial port connected to vSPC blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'VMware vCenter Agent allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'vSphere Client allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'vSphere High Availability Agent blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'vSphere Web Access allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'WOL allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Private Profile | MSCT Windows Server v2004 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Private Profile | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows 10 v21H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows Server 1903 DC v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows Server v2004 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enable Firewall Logging | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing) | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : reject-mac-changes - 'PortGroup' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
