| 1.5.3 Ensure core dump backtraces are disabled | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.5.3 Ensure core dump backtraces are disabled | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 6.3.1.4 Ensure auditd service is enabled and active | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.1.4 Ensure auditd service is enabled and active | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is immutable | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is immutable | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| DG0005-ORACLE11 - Only necessary privileges to the host system should be granted to DBA OS accounts - 'ORA_DBA Group has no unauthorized users' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| DG0017-ORACLE11 - A production DBMS installation should not coexist on the same DBMS host with other, non-production DBMS installations - 'All Oracle instances are documented and approved' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '%ORACLE_HOME%\bin\extproc.exe does not exist' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/bin/extproc does not exist' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/network/admin/tnsnames.ora EXTPROC PROTOCOL=IPC' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - no PROGRAMS = EXTPROC' - tnsnames.ora | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - 'Connection Manager is running on approved ports' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - PORT = 1521, 1575, 1830, 2481, 2482, 2483 or 2484' - cman.ora | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0191-ORACLE11 - Credentials used to access remote databases should be protected by encryption and restricted to authorized users - '%ORACLE_HOME%\database\PWDorcl.ora permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0195-ORACLE11 - DBMS production application and data directories should be protected from developers on shared production/development DBMS host systems - 'root is not a mamber of the oracle group' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\NETWORK\ADMIN\listener.ora LOG_DIRECTORY_{listener} is configured' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '%ORACLE_HOME%\NETWORK\ADMIN\listener.ora LOG_FILE_{listener} is configured' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | AUDIT AND ACCOUNTABILITY |
| DO6740-ORACLE11 - The Oracle Listener ADMIN_RESTRICTIONS parameter if present should be set to ON - '$ORACLE_HOME/network/admin/listener.ora ADMIN_RESTRICTIONS_{listener} = on' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI030 - Font downloads must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI032 - Accessing data sources across domains must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI113 - The Download unsigned ActiveX controls property must be disallowed (Restricted Site zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI115 - ActiveX controls and plug-ins must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI122 - Accessing data sources across domains must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI775 - Automatic checking for Internet Explorer updates must be disallowed. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI030 IIS6 - The IUSR_machinename account must not have read access to the .inc files or their equivalent. - 'global.asa' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI6028 IIS6 - The Shutdown worker processes Idle Timeout monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6080 IIS6 - The AllowRestrictedChars registry key must be disabled. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6092 IIS6 - The PercentUAllowed registry entry must be set properly. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6098 IIS6 - The MaxRequestEntityAllowed metabase value must be defined. - 'IisWebFileSetting' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WWA020 W22 - The Timeout directive must be properly set. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WWA022 W22 - The KeepAlive directive must be enabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WWA024 A22 - The KeepAliveTimeout directive must be defined. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | ACCESS CONTROL |
| WA000-WWA026 A22 - The httpd.conf StartServers directive must be set properly. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA000-WWA050 A22 - All interactive programs must be placed in a designated directory with appropriate permissions - printenv | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA000-WWA050 W22 - All interactive programs must be placed in a designated directory with appropriate permissions. - 'SetHandler' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WWA052 A22 - The '-FollowSymLinks' setting must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA000-WWA056 A22 - The MultiViews directive must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA000-WWA062 W22 - The HTTP request header fields must be limited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WWA066 W22 - The HTTP request line must be limited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'Lcc-win32.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'msc.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG140 IIS6 - A private web sites authentication mechanism must use client certificates. - 'AccessSSLRequireCert Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG145 IIS6 - The private web server must use an approved DoD certificate validation process. - 'Check W3SVC CertCheckMode' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WG220 A22 - Web administration tools must be restricted to the web manager and the web manager's designees - ResourceConfig | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | ACCESS CONTROL |
| WG310 A22 - A web site must not contain a robots.txt file | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG340 W22 - A private web server must utilize an approved TLS version. - 'SSLEngine' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG342 IIS6 - Public web servers must use TLS if authentication is required. - '128-Bit Encryption Enabled' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG345 A22 - The web server must remove all export ciphers from the cipher suite. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG370 A22 - MIME types for csh or sh shell programs must be disabled - AddHandler | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
