Some hardening settings have been removed with the release of Security Center baseline version 4.0.

• LDAP Initial Password
• Mobile Offline Roles
• Restrict Access to Critical Data through Zero Trust Access Policies (Plugin Applicability: Adaptive Authentication)
• Read Only Tables Allowlist For Write
• Allowed JDBC Probe Operations (Plugin Applicability: MID Server)
• Set Allowed Domains which Create Users from Incoming Emails
• Set Complex "Default" Password
• Accessible Properties in GraphQL Allowlist
• Cross Origin Messaging Allowlist
• Limit Attachment Size in Training and Prediction Flows for GraphQL Enpoints (Plugin Applicability: Platform Document Intelligence)
• Edit Content Roles Allowlist (Plugin Applicability: Communities)
• Ensure Database Queries Do Not Trigger a OutofMemory Exception Due to Query Size
• Role Allowlist for Script Execution
• Downloadable File Type Allowlist
• Read Only Tables Allowlist For Delete
• Enforce Authentication for Roleless ACL
• Minimize LDAP One-Time Token Expiry Time
• Allow Only Trusted IP Addresses for Authentication
• Set Mobile Password Reset URL
• Password Complexity of Service Accounts (Plugin Applicability: Service Bridge)
• Notify Users During Password Reset/Change Process
• Enforce Application Scope Restrictions
• Access Control Requirements (Plugin Applicability: Communities)
• Record History Access Role Allowlist
• Restrict Role Access for Attachments
• Only Allow PDFs from Predefined List of Trusted URLs
• Prevent Emailing One-Time Password During LDAP Server Outage
• Convert Inbound Email Images to Attachments
• Review Extraneous Explicit Role Access Control Condition