The increasing proliferation of distributed energy resources (DERs) on the smart grid has made distributed solar and wind two key contributors to the expanding attack surface of the network; however, there is a lack of proper understanding and enforcement of DER communications security requirements. With vendors employing proprietary methods to mitigate hosts of attacks, the literature currently lacks a clear organization of the protocol-level vulnerabilities, attacks, and solutions mapped to each layer of the logical model such as the OSI stack. To bridge this gap and pave the way for future research by the authors in determining key DER security requirements, this paper conducts a comprehensive review of the key vulnerabilities, attacks, and potential solutions for solar and wind DERs at the protocol level. In doing so, this paper serves as a starting point for utilities, vendors, aggregators, and other industry stakeholders to develop a clear understanding of the DER security challenges and solutions, which are key precursors to comprehending security requirements.