| 4.1.4.1 Ensure Audit logs are owned by root and mode 0600 or less permissive | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| AIX7-00-002013 - Audit logs on the AIX system must be owned by root. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-011130 - AlmaLinux OS 9 library files must have mode 755 or less permissive. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-011900 - AlmaLinux OS 9 cron configuration files directory must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-018500 - AlmaLinux OS 9 must not accept router advertisements on all IPv6 interfaces. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-024990 - AlmaLinux OS 9 system accounts must not have an interactive login shell. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-025320 - AlmaLinux OS 9 must use a separate file system for /var/log. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-052050 - AlmaLinux OS 9 must allocate audit record storage capacity to store at least one week's worth of audit records. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-057110 - AlmaLinux OS 9 audit system must protect auditing rules from unauthorized change. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-13-000570 - The macOS system must implement NSA-approved cryptography to protect classified information in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts, the establishment of nonlocal maintenance and diagnostic sessions, and authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access - ChallengeResponseAuthentication | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| CIS Control 2 (2.1(b)) Maintain and Inventory of Authorized Software | CAS Implementation Group 1 Audit File | Unix | CONFIGURATION MANAGEMENT |
| CIS Control 8 (8.5) Configure Devices to Not Auto Run Content | CAS Implementation Group 1 Audit File | Unix | |
| CIS Security Benchmark For Microsoft IIS 7.0/7.5 v1.8.0 Level II. | CIS IIS 7 L2 v1.8.0 | Windows | |
| CIS_Microsoft_Intune_for_Windows_10_v4.0.0_L2.audit from CIS Microsoft Intune for Windows 10 Benchmark v4.0.0 | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | |
| CIS_Microsoft_Windows_10_Stand-alone_v4.0.0_L1_NG.audit from CIS Microsoft Windows 10 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | |
| CIS_Microsoft_Windows_11_Stand-alone_v4.0.0_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 11 Stand-alone v4.0.0 BL | Windows | |
| CIS_Microsoft_Windows_11_Stand-alone_v4.0.0_L2_BL.audit from CIS Microsoft Windows 11 Stand-alone Benchmark v4.0.0 | CIS Microsoft Windows 11 Stand-alone v4.0.0 L2 BL | Windows | |
| CIS_Microsoft_Windows_Server_2019_STIG_v3.0.0_Next_Generation_Windows_Security_-_Member_Server.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2019 STIG v3.0.0 NG MS | Windows | |
| CIS_MS_Windows_Server_2008_R2_DC_Level_2_v3.3.1.audit from CIS MS Windows Server 2008 R2 Benchmark v3.3.1 | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 2 v3.3.1 | Windows | |
| CIS_Oracle_Server_11g_R2_Unix_v2.2.0.audit from CIS Oracle Database Server 11g R2 benchmark v2.2.0 | CIS Oracle Server 11g R2 Unix v2.2.0 | Unix | |
| CIS_Oracle_Server_11g_R2_Windows_v2.2.0.audit from CIS Oracle Database Server 11g R2 benchmark v2.2.0 | CIS Oracle Server 11g R2 Windows v2.2.0 | Windows | |
| CIS_Red_Hat_EL8_Workstation_L1_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0 | CIS Red Hat EL8 Workstation L1 v3.0.0 | Unix | |
| DISA_STIG_Apple_OS_X_10.13_v2r5.audit from DISA Apple OS X 10.13 v2r5 STIG | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | |
| OL07-00-030690 - The Oracle Linux operating system must audit all uses of the sudo command. | DISA Oracle Linux 7 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030301 - OL 8 must generate audit records for any use of the "umount" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030330 - OL 8 must generate audit records for any use of the "setfacl" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030340 - OL 8 must generate audit records for any use of the "pam_timestamp_check" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-30-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL, MAINTENANCE |
| PHTN-40-000133 The Photon operating system must require users to reauthenticate for privilege escalation. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-030200 - The RHEL 8 audit system must be configured to audit any usage of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030400 - Successful/unsuccessful uses of the crontab command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010440 - The operating system must protect audit information from unauthorized access. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SRG-OS-99999-ESXI5-000137 - The system must disable the Managed Object Browser (MOB) - MOB | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| UBTU-24-100650 - Ubuntu 24.04 LTS must have the "SSSD" package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-24-100660 - Ubuntu 24.04 LTS must use the "SSSD" package for multifactor authentication services. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN16-00-000180 - Permissions for the Windows installation directory must conform to minimum requirements. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL |
| WN16-AU-000310 - Windows Server 2016 must be configured to audit Policy Change - Audit Policy Change successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000330 - Windows Server 2016 must be configured to audit Policy Change - Authentication Policy Change successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000380 - Windows Server 2016 must be configured to audit System - IPsec Driver failures. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-DC-000240 - Windows Server 2016 must be configured to audit DS Access - Directory Service Access successes. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-00-000150 - Windows Server 2019 permissions for program file directories must conform to minimum requirements. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL |
| WN19-AU-000270 - Windows Server 2019 must be configured to audit Policy Change - Audit Policy Change failures. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000380 - Windows Server 2019 must be configured to audit System - System Integrity successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000390 - Windows Server 2019 must be configured to audit System - System Integrity failures. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-DC-000260 - Windows Server 2019 must be configured to audit DS Access - Directory Service Changes successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-00-000140 - Windows Server 2022 permissions for the system drive root directory (usually C:\) must conform to minimum requirements. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
| WN22-AU-000350 - Windows Server 2022 must be configured to audit System - Other System Events failures. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000390 - Windows Server 2022 must be configured to audit System - System Integrity failures. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-SO-000120 - Windows Server 2022 machine inactivity limit must be set to 15 minutes or less, locking the system with the screen saver. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
