| 2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authorization | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | IDENTIFICATION AND AUTHENTICATION |
| 5.3 Ensure that logging captures as much information as possible | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure that new entries are appended to the end of the log file | AUDIT AND ACCOUNTABILITY |
| 6.3 Ensure that operating system resource limits are set for MongoDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.4 Ensure that server-side scripting is disabled if not needed | CONFIGURATION MANAGEMENT |
| 6.5 Ensure that the HTTP interface is disabled | CONFIGURATION MANAGEMENT |
| 6.6 Ensure that JSONP access via an HTTP interface is disabled | CONFIGURATION MANAGEMENT |
| 6.7 Ensure that the REST API is disabled | CONFIGURATION MANAGEMENT |
| CIS_MongoDB_Benchmark_Level_2_OS_Windows_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | |
