| 2.1 Ensure Authentication is configured | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | IDENTIFICATION AND AUTHENTICATION |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 Ensure that MongoDB is run using a Least Privileges, dedicated service account | ACCESS CONTROL |
| 4.1 Ensure Encryption of Data in Transit TLS/SSL (Transport Encryption) | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Ensure that system activity is audited | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure that new entries are appended to the end of the log file | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that MongoDB uses a non-default port | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure authentication file permissions are set correctly | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 7.2 Ensure that database file permissions are set correctly | ACCESS CONTROL, MEDIA PROTECTION |
| CIS_MongoDB_3.6_Benchmark_Level_1_OS_Windows_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | |
