| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - HTTPS | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - HTTPS | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMP | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SNMP | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SSH | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 1.2.2 Ensure 'Permitted IP Addresses' is set for all management profiles where SSH, HTTPS, or SNMP is enabled - SSH | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | ACCESS CONTROL |
| 2.2.26 Ensure ldap_tls_cacert is set for LDAP - config | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.2.26 Ensure ldap_tls_cacert is set for LDAP - file | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.2.27 Ensure ldap_id_use_start_tls is set for LDAP - LDAP authentication communications. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.2.28 Ensure ldap_tls_reqcert is set for LDAP - LDAP communications. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 3.061 - Unencrypted remote access is permitted to system services. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 5.3.17 Ensure only strong MAC algorithms are used - MACs employing FIPS 140-2 approved cryptographic hash algorithms. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 18.9.59.3.9.5 Ensure 'Set client connection encryption level' is set to 'Enabled: High Level' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.9.59.3.9.5 Ensure 'Set client connection encryption level' is set to 'Enabled: High Level' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL |
| 18.9.97.2.3 Ensure 'Allow unencrypted traffic' is set to 'Disabled' - Service | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows Server v20H2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Client - AllowUnencryptedTraffic | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows Server v1909 MS v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows Server v2004 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows Server 1903 MS v1.19.9 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - Service - AllowUnencryptedTraffic | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - WinRM Client | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Allow unencrypted traffic - WinRM Service | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Big Sur - Limit SSH to FIPS 140 Validated Ciphers | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Limit SSH to FIPS 140 Validated Ciphers | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Limit SSH to FIPS 140 Validated Ciphers | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Limit SSH to FIPS 140 Validated Ciphers | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0093-ORACLE11 - Remote adminstrative connections to the database should be encrypted - 'Remote admin connections are encrypted' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG0093-ORACLE11 - Remote adminstrative connections to the database should be encrypted - all protocols use TCPS' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| GEN003820 - The rsh daemon must not be running. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003830 - The rlogind service must not be running. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005306 - SNMP service must require a FIPS 140-2 approved hash algorithm as part of its authentication and integrity methods | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005505 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005507 - SSH daemon must be configured to only use MACs employing FIPS 140-2 approved cryptographic hash algorithms | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005510 - The SSH client must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005512 - The SSH client must only use MACs employing FIPS 140-2 approved cryptographic hash algorithms | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server 1903 DC v1.19.9 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server 2016 MS v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server v20H2 DC v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server v2004 MS v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server 2019 DC v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 10 v1507 v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Set client connection encryption level | MSCT Windows 10 v20H2 v1.0.0 | Windows | ACCESS CONTROL |
| WG230 W22 - Web server administration must be performed over a secure path or at the local console. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | ACCESS CONTROL |
