| 2.18 Disable Mounting of cramfs Filesystems | CONFIGURATION MANAGEMENT |
| 2.19 Disable Mounting of freevxfs Filesystems | CONFIGURATION MANAGEMENT |
| 2.20 Disable Mounting of jffs2 Filesystems | CONFIGURATION MANAGEMENT |
| 2.21 Disable Mounting of hfs Filesystems | CONFIGURATION MANAGEMENT |
| 2.22 Disable Mounting of hfsplus Filesystems | CONFIGURATION MANAGEMENT |
| 2.23 Disable Mounting of squashfs Filesystems | CONFIGURATION MANAGEMENT |
| 2.24 Disable Mounting of udf Filesystems | CONFIGURATION MANAGEMENT |
| 4.5 Activate AppArmor | |
| 4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - 0 processes are unconfirmed | ACCESS CONTROL |
| 4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - 0 profiles are in complain mode | ACCESS CONTROL |
| 4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - apparmor=1 | ACCESS CONTROL |
| 4.5 Activate AppArmor - GRUB_CMDLINE_LINUX - security=apparmor | ACCESS CONTROL |
| 4.5 Activate AppArmor - profiles are loaded | ACCESS CONTROL |
| 8.1.1.1 Configure Audit Log Storage Size | AUDIT AND ACCOUNTABILITY |
| 8.1.1.2 Disable System on Audit Log Full - action_mail_acct = root | AUDIT AND ACCOUNTABILITY |
| 8.1.1.2 Disable System on Audit Log Full - admin_space_left_action = halt | AUDIT AND ACCOUNTABILITY |
| 8.1.1.2 Disable System on Audit Log Full - space_left_action = email | AUDIT AND ACCOUNTABILITY |
| 8.1.1.3 Keep All Auditing Information | AUDIT AND ACCOUNTABILITY |
| 8.1.2 Install and Enable auditd Service | AUDIT AND ACCOUNTABILITY |
| 8.1.3 Enable Auditing for Processes That Start Prior to auditd | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - 32 bit adjtimex | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - 32 bit clock_settime | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - 64 bit adjtimex | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - 64 bit clock_settime | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - time-change | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - /etc/group | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - /etc/gshadow | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - /etc/passwd | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - /etc/security/opasswd | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - /etc/shadow | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - /etc/hosts | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - /etc/issue | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - /etc/issue.net | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - /etc/network | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - 32 bit system-locale | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - 64 bit system-locale | AUDIT AND ACCOUNTABILITY |
| 8.1.7 Record Events That Modify the System's Mandatory Access Controls | AUDIT AND ACCOUNTABILITY |
| 8.1.8 Collect Login and Logout Events - /var/log/faillog | AUDIT AND ACCOUNTABILITY |
| 8.1.8 Collect Login and Logout Events - /var/log/lastlog | AUDIT AND ACCOUNTABILITY |
| 8.1.8 Collect Login and Logout Events - /var/log/tallylog | AUDIT AND ACCOUNTABILITY |
| 8.1.9 Collect Session Initiation Information - /var/log/btmp | AUDIT AND ACCOUNTABILITY |
| 8.1.9 Collect Session Initiation Information - /var/log/wtmp | AUDIT AND ACCOUNTABILITY |
| 8.1.9 Collect Session Initiation Information - /var/run/utmp | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events - 32 bit chmod | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events - 32 bit chown | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events - 32 bit setxattr | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events - 64 bit chmod | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events - 64 bit chown | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events - 64 bit setxattr | AUDIT AND ACCOUNTABILITY |
| 8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files - 32 bit EACCES | AUDIT AND ACCOUNTABILITY |
