| 1.55 WN19-AC-000080 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.166 WN19-DC-000200 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.213 WN19-SO-000060 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.270 WN19-UR-000170 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.270 WN19-UR-000170 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 2.11 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'Named Pipes protocol is disabled' | CIS SQL Server 2008 R2 DB OS L1 v1.7.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'Shared Memory protocol is enabled' | CIS SQL Server 2008 R2 DB OS L1 v1.7.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.11 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' - 'VIA protocol is disabled' | CIS SQL Server 2008 R2 DB OS L1 v1.7.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode' - Windows Authentication mode | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.2 Ensure Example or Test Databases are Not Installed on Production Servers | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure Example or Test Databases are Not Installed on Production Servers | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure Example or Test Databases are Not Installed on Production Servers | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure Example or Test Databases are Not Installed on Production Servers | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure Example or Test Databases are Not Installed on Production Servers | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 6.1 Ensure Database and Application User Input is Sanitized | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 6.1 Ensure Database and Application User Input is Sanitized | CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 6.1 Ensure Database and Application User Input is Sanitized | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 6.1 Ensure Database and Application User Input is Sanitized | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 6.7 Ensure That Cloud SQL Database Instances Are Configured With Automated Backups | CIS Google Cloud Platform Foundation v4.0.0 L1 | GCP | CONTINGENCY PLANNING |
| EP11-00-009700 - When invalid inputs are received, the EDB Postgres Advanced Server must behave in a predictable and documented manner that reflects organizational and system objectives. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-019600 - SQL Server databases in the classified environment, containing classified or sensitive information, must be encrypted using approved cryptography. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-022500 - SQL Server must check the validity of data inputs. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-022500 - SQL Server must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 42 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 43 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 87 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 90 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 162 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 103 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 105 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 172 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 87 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 89 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 90 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036900 - SQL Server must generate Trace or Audit records when privileges/permissions are deleted - Event ID 91 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - DB_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 82 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 102 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 110 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 171 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - Event ID 177 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SERVER_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur - SERVER_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037000 - SQL Server must generate Trace or Audit records when unsuccessful attempts to delete privileges/permissions occur. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 82 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 91 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-001500 - In the event of a system failure, hardware loss or disk failure, SQL Server must be able to restore necessary databases with least disruption to mission processes. | DISA MS SQL Server 2016 Database STIG v3r4 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLD-22-003100 - SQL Server must enforce access restrictions associated with changes to the configuration of the database(s). | DISA Microsoft SQL Server 2022 Database STIG v1r3 | MS_SQLDB | CONFIGURATION MANAGEMENT |
