| 1.1.3.10.2 Set 'Network access: Allow anonymous SID/Name translation' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 1.3.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Amazon Linux 2023 Server L1 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.7.1 - Miscellaneous Enhancements - crontab access - 'cron.deny does not exist' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 1.7.2 - Miscellaneous Enhancements - at access - 'at.deny does not exist' | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 2.3.1 - /etc/mail/sendmail.cf - SmtpGreetingMessage - 'SmtpGreetingMessage = mailerready' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 2.3.10.1 Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.3.10.1 Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.11.9 - Permissions and Ownership - '/var/adm/cron/at.allow root:sys 400' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 2.11.10 - Permissions and Ownership - '/var/adm/cron/cron.allow root:sys 400' | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 3.1.3 Require explicit authorization for cataloging - 'catalog_noauth = no' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
| 3.4 Ensure that Cassandra is run using a non-privileged, dedicated service account | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 4.07 init.ora - 'os_authent_prefix = NULL String' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | ACCESS CONTROL |
| 6.6.5 Ensure all Custom Login Classes Forbid Shell Access | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL |
| 6.10.4.1 Ensure NETCONF Rate Limit is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.5.10 Ensure REST Service Address is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 7.0.1 Establish an administrator group - 'sysadm_group value' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
| 7.0.2 Establish system control group - 'sysctrl_group value' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
| 7.0.3 Establish system maintenance group - 'sysmaint_group users' | CIS IBM DB2 OS L1 v1.2.0 | Unix | ACCESS CONTROL |
| 7.0.4 Establish system monitoring group - 'sysmon_group users' | CIS IBM DB2 OS L1 v1.2.0 | Unix | ACCESS CONTROL |
| 7.4 Restrict at/cron to authorized users (/var/at/at.allow permissions) | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
| 7.9 Restrict at/cron To Authorized Users, should pass if /etc/cron.deny does not exist. | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 8.5 Remove the toor user. | CIS FreeBSD v1.0.5 | Unix | ACCESS CONTROL |
| 8.5 Verify that no UID 0 accounts exist other than root | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| ALMA-09-007280 - AlmaLinux OS 9 must audit uses of the "execve" system call. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| Apply UAC restrictions to local accounts on network logon | MSCT Windows 10 1803 v1.0.0 | Windows | ACCESS CONTROL |
| Big Sur - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Big Sur - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Big Sur - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Catalina - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL |
| Catalina - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Catalina - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Catalina - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| Catalina - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Catalina - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| CNTR-R2-001130 - Rancher RKE2 must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | ACCESS CONTROL |
| Monterey - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Monterey - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Monterey - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Monterey - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL |
| Monterey - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| MSS: (AutoAdminLogon) Enable Automatic Logon (Not Recommended) | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | ACCESS CONTROL |
| MSS: (AutoAdminLogon) Enable Automatic Logon (Not Recommended) | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| OL08-00-030000 - The OL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-654010 - RHEL 9 must audit uses of the "execve" system call. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| UBTU-20-010211 - The Ubuntu operating system must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | ACCESS CONTROL |
| UBTU-22-654230 - Ubuntu 22.04 LTS must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | ACCESS CONTROL |
