| 2.18 Disable Mounting of cramfs Filesystems | CONFIGURATION MANAGEMENT |
| 2.19 Disable Mounting of freevxfs Filesystems | CONFIGURATION MANAGEMENT |
| 2.20 Disable Mounting of jffs2 Filesystems | CONFIGURATION MANAGEMENT |
| 2.21 Disable Mounting of hfs Filesystems | CONFIGURATION MANAGEMENT |
| 2.22 Disable Mounting of hfsplus Filesystems | CONFIGURATION MANAGEMENT |
| 2.23 Disable Mounting of squashfs Filesystems | CONFIGURATION MANAGEMENT |
| 2.24 Disable Mounting of udf Filesystems | CONFIGURATION MANAGEMENT |
| 4.5 Activate AppArmor - '0 processes unconfined' | ACCESS CONTROL |
| 4.5 Activate AppArmor - '0 profiles in complain mode' | ACCESS CONTROL |
| 4.5 Activate AppArmor - 'Profiles are loaded' - Review | ACCESS CONTROL |
| 8.1.1.1 Configure Audit Log Storage Size | AUDIT AND ACCOUNTABILITY |
| 8.1.1.2 Disable System on Audit Log Full - 'action_mail_acct is configured' | AUDIT AND ACCOUNTABILITY |
| 8.1.1.2 Disable System on Audit Log Full - 'admin_space_left_action = halt' | AUDIT AND ACCOUNTABILITY |
| 8.1.1.2 Disable System on Audit Log Full- 'space_left_action = email' | AUDIT AND ACCOUNTABILITY |
| 8.1.1.3 Keep All Auditing Information | AUDIT AND ACCOUNTABILITY |
| 8.1.2 Install and Enable auditd Service | AUDIT AND ACCOUNTABILITY |
| 8.1.3 Enable Auditing for Processes That Start Prior to auditd | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - '64bit adjtimex' | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - '64bit clock_settime' | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information- '32bit adjtimex' | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information- '32bit clock_settime' | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information- 'time-change' | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - '/etc/group' | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - '/etc/gshadow' | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - '/etc/passwd' | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information- '/etc/security/opasswd' | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information- '/etc/shadow' | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - '/etc/hosts' | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment - '/etc/network' | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment- '/etc/issue.net' | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment- '/etc/issue' | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment- '32bit sethostname' | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment- '64bit sethostname' | AUDIT AND ACCOUNTABILITY |
| 8.1.7 Record Events That Modify the System's Mandatory Access Controls | AUDIT AND ACCOUNTABILITY |
| 8.1.8 Collect Login and Logout Events- '/var/log/faillog' | AUDIT AND ACCOUNTABILITY |
| 8.1.8 Collect Login and Logout Events- '/var/log/lastlog' | AUDIT AND ACCOUNTABILITY |
| 8.1.8 Collect Login and Logout Events- '/var/log/tallylog' | AUDIT AND ACCOUNTABILITY |
| 8.1.9 Collect Session Initiation Information- '/var/log/btmp' | AUDIT AND ACCOUNTABILITY |
| 8.1.9 Collect Session Initiation Information- '/var/log/wtmp' | AUDIT AND ACCOUNTABILITY |
| 8.1.9 Collect Session Initiation Information- '/var/run/utmp' | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events- '32bit chmod/fchmod/fchmodat' | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events- '32bit chown/fchown/fchownat/lchown' | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events- '32bit setxattr' | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events- '64bit chmod/fchmod/fchmodat' | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events- '64bit chown/fchown/fchownat/lchown' | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events- '64bit setxattr' | AUDIT AND ACCOUNTABILITY |
| 8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files- '32bit EACCES' | AUDIT AND ACCOUNTABILITY |
| 8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files- '32bit EPERM' | AUDIT AND ACCOUNTABILITY |
| 8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files- '64bit EACCES' | AUDIT AND ACCOUNTABILITY |
| 8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files- '64bit EPERM' | AUDIT AND ACCOUNTABILITY |
