Includes all the checks from the L4 Unix Server policy, and adds checks for configurations that will provide information useful to an attacker, signs that a server may be misconfigured, or for risks that require very high levels of expertise by attackers.
This policy also tests for those Denial of Service situations that can be tested safely, by using checks that will not result in a Denial of Service situation. ISS recommends using this policy when scanning any Unix server in a DMZ, with the exception of Unix Web servers (there is a separate policy for these systems).