| 1.2.3 Ensure 'Failover' is enabled | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.2.4 Ensure 'Unused Interfaces' is disable | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.6.3 Ensure 'RSA key pair' is greater than or equal to 2048 bits | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.6.4 Ensure 'SCP protocol' is set to Enable for files transfers | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.7.1 Ensure 'HTTP source restriction' is set to an authorized IP address | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.8.3 Ensure 'HTTP idle timeout' is less than or equal to '5' minutes | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.8.3 Ensure 'HTTP idle timeout' is less than or equal to '5' minutes | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.8.3 Ensure 'HTTP session timeout' is less than or equal to '5' minutes | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.10.3 Ensure 'logging to monitor' is disabled | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.11.2 Ensure 'snmp-server user' is set to 'v3 auth SHA' | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.11.4 Ensure 'SNMP traps' is enabled - authentication | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.11.4 Ensure 'SNMP traps' is enabled - linkdown | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 1.11.5 Ensure 'SNMP community string' is not the default string | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.1.1 Ensure 'RIP authentication' is enabled | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.3 Ensure 'DNS Guard' is enabled | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.4 Ensure DHCP services are disabled for untrusted interfaces - dhcpd | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 2.4.2 Ensure 'Snapshot' is set | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
| 2.5 Ensure ICMP is restricted for untrusted interfaces | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.1 Ensure DNS services are configured correctly - domain-lookup | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.1 Ensure DNS services are configured correctly - name-server | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.2 Ensure intrusion prevention is enabled for untrusted interfaces | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.2.1.1 Configure RA Guard - interfaces | CIS Cisco NX-OS L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.2.1.1 Configure RA Guard - policy | CIS Cisco NX-OS L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.2.3 Disable Proxy ARP on all Layer 3 Interfaces | CIS Cisco NX-OS L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.4 Ensure non-default application inspection is configured correctly | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.5.1 Basic Fiber Channel Configuration | CIS Cisco NX-OS L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.6 Ensure no Allow Rule with Any in Source filed present in the Firewall Rules | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
| 3.7 Ensure 'ip verify' is set to 'reverse-path' for untrusted interfaces | CIS Cisco ASA 9.x Firewall L1 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 3.7 Ensure no Allow Rule with Any in Services filed present in the Firewall Rules | CIS Check Point Firewall L2 v1.1.0 | CheckPoint | CONFIGURATION MANAGEMENT |
| 3.11 Ensure Java applet filtering is enabled | CIS Cisco ASA 9.x Firewall L2 v1.0.0 | Cisco | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure that the kubelet --config configuration file has permissions set to 600 or more restrictive | CIS RedHat OpenShift Container Platform 4 v1.2.0 L1 | OpenShift | CONFIGURATION MANAGEMENT |
| 5.5.7 Ensure Secure Boot for Shielded GKE Nodes is Enabled | CIS Google Kubernetes Engine (GKE) v1.3.0 L2 | GCP | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + NG | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows Server 2019 DC L1 v1.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Do not apply during periodic background processing' is set to 'Enabled: FALSE' | CIS Windows Server 2012 R2 DC L1 v2.6.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.2 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows Server 2016 MS L1 v1.4.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Configure registry policy processing: Process even if the Group Policy objects have not changed' is set to 'Enabled: TRUE' | CIS Windows Server 2012 R2 DC L1 v2.6.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.3 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.4 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.4 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Windows Server 2012 R2 MS L1 v2.6.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.4 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.8.21.4 Ensure 'Turn off background refresh of Group Policy' is set to 'Disabled' - Disabled | CIS Windows Server 2012 DC L1 v2.4.0 | Windows | CONFIGURATION MANAGEMENT |
| VM : use-vm-templates | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
