| 1.1.6 Ensure /dev/shm is configured - /etc/fstab | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.8 Ensure nodev option set on /dev/shm partition | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.11 Ensure separate partition exists for /var/tmp | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.17 Ensure separate partition exists for /home | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.18 Ensure nodev option set on /home partition | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.22 Ensure sticky bit is set on all world-writable directories | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.3 Enable TCP Wrappers and a host based firewall (inetd_enable) | CIS FreeBSD v1.0.5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.3 Enable TCP Wrappers and a host based firewall (inetd_flags) | CIS FreeBSD v1.0.5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.3 Enable TCP Wrappers and a host based firewall (ipfw_load) | CIS FreeBSD v1.0.5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Ensure 'Protect RE' Firewall Filter includes explicit terms for all Management Services | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Ensure 'Protect RE' Firewall Filter includes explicit terms for all Protocols | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10.1 - TCP Wrappers - installing TCP Wrappers - 'netsec.options.idprotocol is installed' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1.4 Ensure firewall rules exist for all open ports | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.2.3 Ensure firewall rules exist for all open ports | CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3.2.4 Ensure firewall rules exist for all open ports | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.21 sqlnet.ora - 'Set tcp.invited_nodes to valid values' | CIS v1.1.0 Oracle 11g OS L2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1.10 Ensure no world writable files exist | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules | MSCT Windows 10 v21H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules - Domain Profile | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules - Private Profile | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules - Public Profile | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Apply local connection security rules - Public Profile | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall Policy | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall Policy | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Private Profile | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Private Profile | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Private Profile | MSCT Windows Server v2004 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Private Profile | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Private Profile | MSCT Windows Server 2019 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows Server 1903 MS v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows 10 1809 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - Public Profile | MSCT Windows Server 2016 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Firewall State - PublicProfile | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing) | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSS: (DisableIPSourceRouting IPv6) IP source routing protection level (Protects against packet spoofing) | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Only allow access to required network services | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : reject-forged-transmit - 'PortGroup' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : reject-promiscuous-mode - 'PortGroup' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : reject-promiscuous-mode - 'vSwitch' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - Only allow access to required network services | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
