| 1.5 Ensure the Cassandra service is run as a non-root user | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 1.5 Ensure the Cassandra service is run as a non-root user | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'autologout.telnet.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'autologout.telnet.timeout <= 5' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'ssh.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Enable Secure Admin Access - 'ssh.access is not unlimited' | TNS NetApp Data ONTAP 7G | NetApp | |
| 2.1 Enable Secure Admin Access - 'ssh.idle.timeout <= 60' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'ssh.passwd_auth.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Enable Secure Admin Access - 'ssh.port = 22' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.1 Enable Secure Admin Access - 'ssh.pubkey_auth.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.1 Enable Secure Admin Access - 'telnet.distinct.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| Adtran : Device Info | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Device Version | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Ensure 'logging to monitor' is disabled - show logging | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'SSH source restriction' is set to an authorized IP address | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'threat-detection statistics' is set to 'tcp-intercept' | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure 'TLS 1.0' is set for HTTPS access | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure /etc/hosts.allow is configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure /etc/hosts.deny is configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure bogus ICMP responses are ignored - /etc/sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure DCCP is disabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure DHCP services are disabled for untrusted interfaces - dhcpd | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | CONFIGURATION MANAGEMENT |
| Ensure discretionary access control permission modification events are collected - auditctl b32 setxattr | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure GDM login banner is configured - system-db | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure ICMP is restricted for untrusted interfaces | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure ICMP redirects are not accepted - /etc/sysctl ipv4 default accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure IPv6 router advertisements are not accepted - /etc/sysctl ipv6 default accept | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure LDAP client is not installed - dpkg | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure LDAP Server is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure NIS Client is not installed - zypper | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure non-default application inspection is configured correctly | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND INFORMATION INTEGRITY |
| Ensure Samba is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure SSH LoginGraceTime is set to one minute or less | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure SSH MaxAuthTries is set to 4 or less | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure SSH PermitEmptyPasswords is disabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Ensure TCP SYN Cookies is enabled - sysctl | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure TCP Wrappers is installed - dpkg | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Extreme : Device Info | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | CONFIGURATION MANAGEMENT |
| Extreme : License Info | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | CONFIGURATION MANAGEMENT |
| Extreme : switch Info | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | CONFIGURATION MANAGEMENT |
| FFOX-00-000019 - Firefox private browsing must be disabled. | DISA STIG Mozilla Firefox MacOS v6r7 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000019 - Firefox private browsing must be disabled. | DISA STIG Mozilla Firefox Windows v6r7 | Windows | CONFIGURATION MANAGEMENT |
| Huawei: HTTPS Server is configured | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: HTTPS Server is not configured | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Review Device Info/Version | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| PHTN-30-000080 - The Photon operating system must configure sshd to disable X11 forwarding. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000212 - The Photon operating system must configure Secure Shell (SSH) to disable X11 forwarding. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000085 - The Photon operating system must configure sshd to disable X11 forwarding. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-70-000019 - Lookup Service must limit the number of allowed connections. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : Review ABS Policy Listing | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
