| 2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'OS', 'DB', 'XML', 'DB,EXTENDED', or 'XML,EXTENDED' | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | |
| 2.8.3 Ensure the OS is not Activate When Resuming from Sleep - Intel standbydelayhigh | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.1.6 Ensure No World Writable Folders Exist in the System Folder | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.18 Collect Kernel Module Loading and Unloading - /sbin/insmod | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.3.3 Use pam_deny.so to Deny Services - auth requisite pam_deny.so /etc/pam.d/* | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v4.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 (L2) Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.2 Ensure 'Allow upload of User Activities' is set to 'Disabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| ALMA-09-002880 - All AlmaLinux OS 9 remote access methods must be monitored. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-011350 - AlmaLinux OS 9 must disable acquiring, saving, and processing core dumps. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-012780 - AlmaLinux OS 9 /etc/group- file must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-016410 - AlmaLinux OS 9 /etc/passwd file must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-016740 - AlmaLinux OS 9 /etc/shadow- file must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-019600 - AlmaLinux OS 9 must have the nss-tools package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-027630 - AlmaLinux OS 9 must mount /var/log with the noexec option. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-027740 - AlmaLinux OS 9 must mount /var/log with the nosuid option. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-027960 - AlmaLinux OS 9 must mount /var/tmp with the nodev option. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-028730 - AlmaLinux OS 9 must not have the iprutils package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-036980 - AlmaLinux OS 9 must require the maximum number of repeating characters of the same character class be limited to four when passwords are changed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-053150 - The rsyslog service on AlmaLinux OS 9 must be active. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-000057 The macOS system must limit SSH to FIPS-compliant connections. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPNET0064 - .Net applications that invoke NetFx40_LegacySecurityPolicy must apply previous versions of .NET STIG guidance. | DISA STIG for Microsoft Dot Net Framework 4.0 v2r6 | Windows | CONFIGURATION MANAGEMENT |
| ARST-RT-000040 - The Arista BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| Automatically open downloaded MHT or MHTML files from the web in Internet Explorer mode | MSCT Edge v117 v1.0.0 | Windows | |
| Automatically open downloaded MHT or MHTML files from the web in Internet Explorer mode | MSCT Edge v128 v1.0.0 | Windows | |
| Automatically open downloaded MHT or MHTML files from the web in Internet Explorer mode | MSCT Edge v133 v1.0.0 | Windows | |
| CIS_AlmaLinux_OS_9_v2.0.0_L1_Server.audit from CIS AlmaLinux OS 9 Benchmark v2.0.0 | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | |
| CIS_AlmaLinux_OS_9_v2.0.0_L2_Workstation.audit from CIS AlmaLinux OS 9 Benchmark v2.0.0 | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | |
| JUEX-RT-000040 - The Juniper BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| PHTN-67-000010 - The Photon operating system must configure auditd to log to disk. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000114 - The Photon OS must not have the xinetd service enabled. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-020290 - The SUSE operating system must generate audit records for all uses of the mount command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020310 - The SUSE operating system must generate audit records for all uses of the ssh-agent command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020320 - The SUSE operating system must generate audit records for all uses of the ssh-keysign command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-12-020760 - The SUSE operating system must generate audit records for all modifications to the faillog file. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030330 - The SUSE operating system must generate audit records for all uses of the sudoedit command. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030430 - The SUSE operating system must generate audit records for all uses of the setfacl command. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SRG-OS-000056-ESXI5 - The system must use time sources local to the enclave. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-000092-ESXI5 - The system must enable lockdown mode to restrict remote access. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| UBTU-16-020090 - Audit logs must have a mode of 0600 or less permissive to prevent unauthorized read access. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| UBTU-16-020120 - Audit logs must be group-owned by root to prevent unauthorized read access. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| VCEM-67-000028 - ESX Agent Manager must set the secure flag for cookies. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | CONFIGURATION MANAGEMENT |
| WA000-WWA050 W22 - All interactive programs must be placed in a designated directory with appropriate permissions. - 'AddHandler' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WBLC-03-000127 - Oracle WebLogic must adhere to the principles of least functionality by providing only essential capabilities. | Oracle WebLogic Server 12c Windows v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN12-AU-000105 - Windows Server 2012/2012 R2 must be configured to audit System - Other System Events successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000105 - Windows Server 2012/2012 R2 must be configured to audit System - Other System Events successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000106 - Windows Server 2012/2012 R2 must be configured to audit System - Other System Events failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-SO-000130 - Windows Server 2019 required legal notice must be configured to display before console logon. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL |
| WN22-SO-000130 - Windows Server 2022 required legal notice must be configured to display before console logon. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
