| 2.2 Ensure Trusted Execution Path is enabled | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 2.3 Ensure Trusted Execution (TE) policies are locked | CONFIGURATION MANAGEMENT |
| 2.5 Ensure Allowlist violations are enabled | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.6 Ensure regular scans for unauthorized applications | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 3.3 Ensure there are no system 'default group' writable files (objects) | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.4 Ensure all entries in /etc/hosts.equiv are removed | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.5 Ensure that host based authentication files are not present | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.2.7 Ensure multicast routing is not in use | CONFIGURATION MANAGEMENT |
| 4.4.1.5 Ensure NFS exports use allow lists | ACCESS CONTROL, MEDIA PROTECTION |
| 4.4.1.7 Ensure secure RPC authentication is enabled | CONFIGURATION MANAGEMENT |
| 4.4.2.1 Ensure File System Level encryption is enabled | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.6.3.15 Ensure sshd PermitRootLogin is disabled | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.7.6 Unattended terminal session timeout is 900 seconds (or less) - readonly | ACCESS CONTROL |
| 5.2.2 Ensure minimum password age is configured | IDENTIFICATION AND AUTHENTICATION |
| 6.1.1 Ensure sudo is installed | ACCESS CONTROL |
| 6.1.2 Ensure sudo logging is active | AUDIT AND ACCOUNTABILITY |
| 6.1.3 Ensure sudo commands use pty | ACCESS CONTROL |
| 8.1.1 Ensure /audit filesystem has been created and configured | AUDIT AND ACCOUNTABILITY |
| 8.1.2 Ensure Audit bin(ary) audit event collection is configured | AUDIT AND ACCOUNTABILITY |
| 8.2.2 Ensure syslog is configured to send logs to a remote log host | AUDIT AND ACCOUNTABILITY |
| CIS_IBM_AIX_7_v1.2.0_L2.audit from CIS IBM AIX 7 v1.2.0 | |