The document discusses three items related to enabled ports on cyber assets and electronic access points: 1) Documentation of the need for all enabled ports, individually or by group; 2) Listings of listening ports from configuration files, command output, or network scans; 3) Configuration files of host-based firewalls or other mechanisms that only allow needed ports and deny all others.