| 1.1 Place Databases on Non-System Partitions | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS on Linux Unix | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | CONTINGENCY PLANNING |
| 2.1.2 Verify Backups are Good | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | CONTINGENCY PLANNING |
| 2.1.7 Backup of Configuration and Related Files | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | CONTINGENCY PLANNING |
| 2.4 Configure TCP Wrappers - enable tcp_wrappers for inetd | CIS Solaris 10 L1 v5.2 | Unix | |
| 2.4 Configure TCP Wrappers - enable tcp_wrappers for rpc/bind. Note: This check is recommended by CIS, but not required. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Configure TCP Wrappers - Make sure that /etc/hosts.allow does exist. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Ensure Non-Default, Unique Cryptographic Material is in Use | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | CONFIGURATION MANAGEMENT |
| 2.11 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.11 Implement Connection Delays to Limit Failed Login Attempts - connection_control_max_connection_delay | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.15 Implement Connection Delays to Limit Failed Login Attempts - CONNECTION_CONTROL | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.15 Implement Connection Delays to Limit Failed Login Attempts - connection_control_max_connection_delay | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 2.15 Limit Accepted Transport Layer Security (TLS) Versions | CIS Oracle MySQL Community Server 8.0 v1.2.0 L2 MySQL RDBMS MySQLDB | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.15 Limit Accepted Transport Layer Security (TLS) Versions | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L2 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1 Ensure 'datadir' Has Appropriate Permissions | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure 'audit_log_file' Has Appropriate Permissions - audit_log_file has Appropriate Permissions | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 - System Administration Methods - Login Banner | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | ACCESS CONTROL |
| 4.1 Ensure 'maxAllowedContentLength' is configured - Applications | CIS IIS 7 L2 v1.8.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.1 Ensure 'maxAllowedContentLength' is configured - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Interactive Login is Disabled | CIS PostgreSQL 13 v1.3.0 L1 Database Unix | Unix | ACCESS CONTROL |
| 4.1 Ensure Interactive Login is Disabled | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sufficient space for logs | CIS Sybase 15.0 L2 DB v1.1.0 | SybaseDB | |
| 4.4 Capture syslog AUTH Messages - Check if auth.info is set to var/log/authlog | CIS Solaris 10 L1 v5.2 | Unix | |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - /etc/mysql/my.cnf | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - %PROGRAMDATA%\MySQL\MySQL Server 5.6\my.cnf | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - %WINDIR%\my.cnf | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - C:\my.cnf | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started With '--skip-grant-tables' - MYSQL_INSTALL\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - MYSQL_INSTALL\my.cnf | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' is Set to 'OFF' - %WINDIR%\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' Is Set to 'OFF' - C:\my.ini | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' Is Set to 'OFF' - MYSQL_INSTALL\my.cnf | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' is Set to 'OFF' - MYSQL_INSTALL\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' Is Set to 'OFF' - SYSCONFDIR/my.cnf | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' Is Set to 'OFF' - SYSCONFDIRmy.cnf | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | MEDIA PROTECTION |
| 6.8 Ensure 'audit_log_policy' is Set to 'LOGINS' | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 7.2 Ensure Passwords are Not Stored in the Global Configuration - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - C:\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 7.3 Ensure Passwords Are Not Stored in the Global Configuration | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure Passwords Are Not Stored in the Global Configuration - %PROGRAMDATA%\MySQL\MySQL Server 5.6\my.cnf | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Set Strong Password Creation Policies - Check DICTIONLIST is set to /usr/share/lib/dict/words | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.3 Set Strong Password Creation Policies - Check MAXREPEATS is set to 0 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.3 Set Strong Password Creation Policies - Check MINDIFF is set to 3 | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.3 Set Strong Password Creation Policies - WHITESPACE is set to YES | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.8 Set 'mesg n' as Default for All Users in /etc/.login | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 8.2 Create Warning Banner for CDE Users - Check if 'Dtlogin*greeting.persLabelString' is set appropriately. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 9.1 Ensure Replication Traffic Is Secured | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
