1.2 Ensure the latest version of Java is installed | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
1.2 Ensure the latest version of Java is installed | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
1.3 Ensure the latest version of Python is installed | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
2.1 Ensure that authentication is enabled for Cassandra databases | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
4.1 Ensure that logging is enabled. - logback.xml | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
4.1.2 Ensure auditd is installed | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
EP11-00-000100 - The EDB Postgres Advanced Server must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | ACCESS CONTROL |
EP11-00-000800 - The EDB Postgres Advanced Server must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | ACCESS CONTROL |
EP11-00-000900 - The EDB Postgres Advanced Server must protect against a user falsely repudiating by ensuring all accounts are individual, unique, and not shared. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
EP11-00-001000 - The EDB Postgres Advanced Server must be configured to provide audit record generation capability for DoD-defined auditable events within all EDB Postgres Advanced Server/database components. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
EP11-00-001200 - The EDB Postgres Advanced Server must generate audit records for DoD-defined auditable events. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
EP11-00-001400 - The EDB Postgres Advanced Server must initiate support of session auditing upon startup. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
EP11-00-002200 - The EDB Postgres Advanced Server must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
EP11-00-003300 - The EDB Postgres Advanced Server software installation account must be restricted to authorized users. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
EP11-00-003700 - Default, demonstration and sample databases, database objects, and applications must be removed. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
EP11-00-004100 - The EDB Postgres Advanced Server must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
EP11-00-004300 - If passwords are used for authentication, the EDB Postgres Advanced Server must store only hashed, salted representations of passwords. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
EP11-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
EP11-00-005100 - The EDB Postgres Advanced Server must separate user functionality (including user interface services) from database management functionality. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
EP11-00-005600 - In the event of a system failure, the DBMS must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
EP11-00-005900 - Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
EP11-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
EP11-00-006600 - The EDB Postgres Advanced Server must reveal detailed error messages only to the ISSO, ISSM, SA, and DBA. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
EP11-00-006900 - The EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in storage. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | ACCESS CONTROL |
EP11-00-007800 - The EDB Postgres Advanced Server must provide centralized configuration of the content to be captured in audit records generated by all components of the EDB Postgres Advanced Server. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
EP11-00-007900 - The EDB Postgres Advanced Server must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
EP11-00-008100 - The EDB Postgres Advanced Server must provide an immediate real-time alert to appropriate support staff of all audit failure events requiring real-time alerts. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
EP11-00-009700 - When invalid inputs are received, the EDB Postgres Advanced Server must behave in a predictable and documented manner that reflects organizational and system objectives. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
EP11-00-012600 - The EDB Postgres Advanced Server must generate audit records for all direct access to the database(s). | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
EP11-00-013000 - The EDB Postgres Advanced Server must off-load audit data to a separate log management facility; this must be continuous and in near real time for systems with a network connection to the storage facility and weekly or more often for stand-alone systems. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
PPS9-00-002300 - The EDB Postgres Advanced Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
PPS9-00-003400 - Database software, including EDB Postgres Advanced Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
PPS9-00-003800 - Unused database components, EDB Postgres Advanced Server software, and database objects must be removed. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
PPS9-00-004000 - Access to external executables must be disabled or restricted. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
PPS9-00-008000 - The EDB Postgres Advanced Server must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75% of maximum audit record storage capacity. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
PPS9-00-008500 - The EDB Postgres Advanced Server must enforce access restrictions associated with changes to the configuration of the EDB Postgres Advanced Server or database(s). | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | CONFIGURATION MANAGEMENT |
PPS9-00-009100 - The EDB Postgres Advanced Server must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PPS9-00-009300 - The EDB Postgres Advanced Server must implement cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
PPS9-00-013200 - The EDB Postgres Advanced Server must be configured on a platform that has a NIST certified FIPS 140-2 or 140-3 installation of OpenSSL. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
PPS9-00-013300 - EDB Postgres Advanced Server products must be a version supported by the vendor. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND SERVICES ACQUISITION |
SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 90 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 91 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - SUCCESSFUL_LOGIN_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL4-00-038200 - SQL Server must generate Trace or Audit records when unsuccessful accesses to designated objects occur. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL6-D0-000400 - SQL Server must protect against a user falsely repudiating by ensuring only clearly unique Active Directory user accounts can connect to the database. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL6-D0-000500 - SQL Server must protect against a user falsely repudiating by use of system-versioned tables (Temporal Tables). | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
SQL6-D0-001100 - SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | CONFIGURATION MANAGEMENT |
SQL6-D0-001400 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to SQL Server, etc.) must be restricted to authorized users. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | CONFIGURATION MANAGEMENT |
SQL6-D0-002100 - SQL Server must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
SQL6-D0-002600 - SQL Server must associate organization-defined types of security labels having organization-defined security label values with information in process. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | ACCESS CONTROL |