| 1.3 Disable MySQL Command History | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux Unix | Unix | MEDIA PROTECTION |
| 1.4 Verify That the MYSQL_PWD Environment Variable is Not in Use | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5 Ensure Interactive Login is Disabled | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL |
| 1.6 Verify That 'MYSQL_PWD' is Not Set in Users' Profiles | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.7.3 Ensure GDM disable-user-list option is enabled | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1.1 Backup Policy in Place | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | CONTINGENCY PLANNING |
| 2.1.2 Verify Backups are Good | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | CONTINGENCY PLANNING |
| 2.1.3 Secure Backup Credentials | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL, CONTINGENCY PLANNING, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Point-in-Time Recovery | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | CONTINGENCY PLANNING |
| 2.1.5 Disaster Recovery (DR) Plan | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | CONTINGENCY PLANNING |
| 2.2.1 Ensure Binary and Relay Logs are Encrypted | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Dedicate the Machine Running MySQL | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.19 Ensure FIPS 140-2 OpenSSL Cryptography Is Used | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 Ensure 'log_error' Has Appropriate Permissions | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure 'relay_log_basename' Files Have Appropriate Permissions | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Ensure 'general_log_file' Has Appropriate Permissions | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7 Ensure SSL Key Files Have Appropriate Permissions | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3 Ensure 'allow-suspicious-udfs' is Set to 'OFF' | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux Unix | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.10 Use MySQL TDE for At-Rest Data Encryption | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3 Ensure 'PROCESS' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.4 Ensure 'SUPER' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.6 Ensure 'CREATE USER' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.7 Ensure 'GRANT OPTION' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 5.9 Ensure DML/DDL Grants are Limited to Specific Databases and Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2 Ensure Log Files are Stored on a Non-System Partition | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 7.1 Ensure default_authentication_plugin is Set to a Secure Option | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.6 Ensure No Users Have Wildcard Hostnames | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 7.7 Ensure No Anonymous Accounts Exist | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 8.2 Ensure 'ssl_type' is Set to 'ANY', 'X509', or 'SPECIFIED' for All Remote Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2 Ensure 'SOURCE_SSL_VERIFY_SERVER_CERT' is Set to 'YES' or '1' | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | CONFIGURATION MANAGEMENT |
| 9.4 Ensure 'super_priv' is Not Set to 'Y' for Replication Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 18.9.11.1.8 (BL) Ensure 'Choose how BitLocker-protected fixed drives can be recovered: Configure storage of BitLocker recovery information to AD DS' is set to 'Enabled: Backup recovery passwords and key packages' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | ACCESS CONTROL, CONTINGENCY PLANNING |
| 18.9.11.2.10 (BL) Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Do not enable BitLocker until recovery information is stored to AD DS for operating system drives' is set to 'Enabled: True' | CIS Microsoft Windows 8.1 v2.4.1 L2 Bitlocker | Windows | ACCESS CONTROL, CONTINGENCY PLANNING |
| CIS_Apache_HTTP_Server_2.2_Benchmark_v3.6.0_Level_1.audit from CIS Apache HTTP Server 2.2 Benchark v3.6.0 | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | |
| CIS_Apple_macOS_10.15_Catalina_v3.0.0_L2.audit from CIS Apple macOS 10.15 Catalina Benchmark v3.0.0 | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | |
| CIS_Fedora_28_Family_Linux_Server_L1_v2.0.0.audit from CIS Fedora 28 Family Linux Benchmark v2.0.0 | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | |
| CIS_Fedora_28_Family_Linux_Workstation_L1_v1.0.0.audit from CIS Fedora 19 Family Linux Benchmark v1.0.0 | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | |
| CIS_Microsoft_Office_Excel_2013_v1.0.1.audit from CIS Microsoft Office Excel 2013 Benchmark v1.0.1 | CIS Microsoft Office Excel 2013 v1.0.1 | Windows | |
| CIS_Microsoft_Office_PowerPoint_2016_v1.0.1.audit from CIS Microsoft Office PowerPoint 2016 Benchmark v1.0.1 | CIS Microsoft Office PowerPoint 2016 v1.0.1 | Windows | |
| CIS_Mozilla_Firefox_ESR_GPO_v1.0.0_L2.audit from CIS Mozilla Firefox ESR GPO Benchmark v1.0.0 | CIS Mozilla Firefox ESR GPO v1.0.0 L2 | Windows | |
| CIS_MySQL_5.6_Community_Benchmark_v2.0.0_OS_UNIX_L2.audit from CIS Oracle MySQL 5.6 Community Edition Benchmark | CIS MySQL 5.6 Community Linux OS L2 v2.0.0 | Unix | |
| CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_OS_MS_L1.audit from CIS Oracle MySQL 5.6 Enterprise Edition Benchmark | CIS MySQL 5.6 Enterprise Windows OS L2 v2.0.0 | Windows | |
| CIS_MySQL_5.6_Enterprise_Benchmark_v2.0.0_OS_UNIX_L1.audit from CIS Oracle MySQL 5.6 Enterprise Edition Benchmark | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0 | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L1_Server.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L2_Server.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | |
| CIS_Ubuntu_18.04_LXD_Container_v1.0.0_L1.audit from CIS Ubuntu Linux 18.04 LXD Container Benchmark | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | |
| CIS_Ubuntu_Linux_24.04_LTS_STIG_v1.0.0_CAT_I.audit from CIS Ubuntu Linux 24.04 LTS STIG Benchmark v1.0.0 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I | Unix | |
| WN25-00-000410 - Windows Server 2025 must not have Windows PowerShell 2.0 installed. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
