| 1.1.16 Ensure separate partition exists for /var/log/audit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.3.5 Ensure AIDE is configured to use FIPS 140-2 - installed | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure X11 Server components are not installed - rpm | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.24 Ensure NFS is configured to use RPCSEC_GSS - NFS is configured to use RPCSEC_GSS. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.021 - Remove Software Certificate Installation Files | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure IP forwarding is disabled - config | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 3.003 - System pagefile is cleared upon shutdown. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.013 - Caching of logon credentials must be limited. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.047 - The Smart Card removal option is set to take no action. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.048 - The Recovery Console SET command must be disabled. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.054 - Users are not warned in advance that their passwords will expire. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.062 - Anonymous SID/Name translation is allowed. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.088 - The system is not configured to use Safe DLL Search Mode. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.119 - The system is configured to allow the display of the last user name on the logon screen. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.122 - Administrator Passwords are changed when necessary. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 4.010 - User rights assignments must meet minimum requirements. - Change the system time | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.3.5 Ensure permissions on SSH public host key files are configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.2.12 Ensure users own their home directories | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.2.22 Ensure users' files and directories within the home directory permissions are 750 or more restrictive | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Disable Password Hints | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Enable Firmware Password | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Must Use an Approved Antivirus Program | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Disable Password Hints | NIST macOS Catalina v1.5.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Password Hints | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Password Hints | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Enable Firmware Password | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000380 - All Group Identifiers (GIDs) referenced in the /etc/passwd file must be defined in the /etc/group file. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN000560 - The system must not have accounts configured with blank or null passwords. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN000960 - The root account must not have world-writable directories in its executable search path. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. - '/etc/profile' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. - '/etc/security/environ' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001840 - All global initialization files' executable search paths must contain only absolute paths - '/etc/.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001840 - All global initialization files' executable search paths must contain only absolute paths - '/etc/bashrc' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001902 - Local initialization files' lists of preloaded libraries must contain only absolute paths. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002430 - Removable media, remote file systems and any file system not containing approved device files must be mounted with nodev | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002560 - The system and user default umask must be 077 - user initialization files | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003500 - Process core dumps must be disabled unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN004560 - The SMTP service's SMTP greeting must not provide version information. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005460 - The system must only use remote syslog servers (log hosts) justified and documented using site-defined procedures. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005540 - The SSH daemon must be configured for IP filtering - '/etc/hosts.allow' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005560 - The system must be configured with a default gateway for IPv4 if the system uses IPv4, unless the system is a router. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006620 - The system's access control program must be configured to grant or deny system access to specific hosts - '/etc/hosts.allow' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN007850 - The DHCP client must not send dynamic DNS updates - 'updateDNS exists in /etc/dhcpcd.ini' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN007950 - The system must not respond to ICMPv6 echo requests sent to a broadcast address. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN008640 - The system must not use removable media as the boot loader - 'both' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN008640 - The system must not use removable media as the boot loader - 'normal' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN008640 - The system must not use removable media as the boot loader - 'service' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Configure Gatekeeper to Disallow End User Override | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Sudoers to Authenticate Users on a Per -tty Basis | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Unattended or Automatic Logon to the System | NIST macOS Monterey v1.0.0 - 800-171 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
