| 💼 3.1 Ensure That the Default Network Does Not Exist in a Project - Level 2 (Automated) | | | 1 | | no data |
| 💼 3.2 Ensure Legacy Networks Do Not Exist for Older Projects - Level 1 (Automated) | | | 1 | | no data |
| 💼 3.3 Ensure That DNSSEC Is Enabled for Cloud DNS - Level 1 (Automated) | | | 1 | | no data |
| 💼 3.4 Ensure That RSASHA1 Is Not Used for the Key-Signing Key in Cloud DNS DNSSEC - Level 1 (Automated) | | | 1 | | no data |
| 💼 3.5 Ensure That RSASHA1 Is Not Used for the Zone-Signing Key in Cloud DNS DNSSEC - Level 1 (Automated) | | | 1 | | no data |
| 💼 3.6 Ensure That SSH Access Is Restricted From the Internet - Level 2 (Automated) | | | 1 | | no data |
| 💼 3.7 Ensure That RDP Access Is Restricted From the Internet - Level 2 (Automated) | | | 1 | | no data |
| 💼 3.8 Ensure VPC Service Controls Is Enabled for Supported Google Cloud Services - Level 2 (Manual) | | | 1 | | no data |
| 💼 3.9 Ensure Private Service Connect is Used for Access to Google APIs - Level 2 (Manual) | | | 1 | | no data |
| 💼 3.10 Ensure that VPC Flow Logs is Enabled for Every Subnet in a VPC Network - Level 2 (Automated) | | | 1 | | no data |
| 💼 3.11 Ensure No HTTPS or SSL Proxy Load Balancers Permit SSL Policies With Weak Cipher Suites - Level 1 (Manual) | | | 1 | | no data |
| 💼 3.12 Use Identity Aware Proxy (IAP) to Ensure Only Traffic From Google IP Addresses are 'Allowed' - Level 2 (Manual) | | | 1 | | no data |