| 3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode' | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.6 Ensure Relational Database Service Instances have Auto Minor Version Upgrade Enabled | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | SYSTEM AND INFORMATION INTEGRITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | ACCESS CONTROL |
| 6.1.3 Ensure That the 'Local_infile' Database Flag for a Cloud SQL MySQL Instance Is Set to 'Off' | CIS Google Cloud Platform Foundation v4.0.0 L1 | GCP | CONFIGURATION MANAGEMENT |
| 7.5 Ensure Databases are Encrypted with TDE | CIS Microsoft SQL Server 2022 v1.2.1 L2 Database Engine | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_Microsoft_SQL_Server_2012_Database_v1.6.0_Level_1_OS.audit from Microsoft SQL Server 2012 Database, version 1.6.0 | CIS SQL Server 2012 Database L1 OS v1.6.0 | Windows | |
| CIS_Microsoft_Windows_Server_2019_STIG_v4.0.0_MS_CAT_I.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v4.0.0 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT I | Windows | |
| CIS_Microsoft_Windows_Server_2019_STIG_v4.0.0_MS_CAT_III.audit from CIS Microsoft Windows Server 2019 STIG Benchmark v4.0.0 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | |
| MYS8-00-007300 - The MySQL Database Server 8.0 must check the validity of all data inputs except those specifically identified by the organization. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| O19C-00-016700 - Oracle Database must preserve any organization-defined system state information in the event of a system failure. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O112-BP-022000 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-C2-018200 - The DBMS must preserve any organization-defined system state information in the event of a system failure. | DISA STIG Oracle 12c v3r5 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-004400 - SQL Server must not grant users direct access to the View Any Database permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-005900 - SQL Server must not grant users direct access to the Create any database permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-008200 - SQL Server must not grant users direct access to the Alter any database permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-016500 - SQL Server must have the SQL Server Data Tools (SSDT) software component removed from SQL Server if SSDT is unused. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-022700 - SQL Server must identify potential security-relevant error conditions. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-013000 - Unless it has been determined that availability is paramount, SQL Server must shut down upon the failure of an Audit, or a Trace used for auditing purposes, to include the unavailability of space for more audit/trace log records. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-030300 - SQL Server authentication and identity management must be integrated with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | ACCESS CONTROL |
| SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 85 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 87 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-035700 - SQL Server must produce Trace or Audit records when unsuccessful attempts to access security objects occur - Event ID 90 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-035800 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is accessed. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 82 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 85 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 87 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 104 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036000 - SQL Server must generate Trace or Audit records when privileges/permissions are added - Event ID 111 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - DATABASE_OBJECT_OWNERSHIP_CH... | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - DATABASE_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 43 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 82 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 84 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 87 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 91 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 102 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 109 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 171 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 172 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - Event ID 173 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - SCHEMA_OBJECT_PERMISSION_CHA... | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - SERVER_OBJECT_OWNERSHIP_CHAN... | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur - SERVER_OBJECT_PERMISSION_CHA... | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036100 - SQL Server must generate Trace or Audit records when unsuccessful attempts to add privileges/permissions occur. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 43 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 83 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 87 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 88 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-003600 - SQL Server must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA STIG SQL Server 2016 Instance DB Audit v3r5 | MS_SQLDB | ACCESS CONTROL |
