| 1.1.16 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.17 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.18 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.20 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.23 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /etc/docker/daemon.json | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1 Secure the DB2 Runtime Library | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | |
| 3.1.8 Secure all diagnostic logs | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Secure all diagnostic logs | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | |
| 3.1.8 Secure all diagnostic logs | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Secure all diagnostic logs | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Windows | Windows | |
| 3.1.12 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.17 Secure permissions for the primary archive log location - LOGARCHMETH1 OS Permissions | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 3.1.17 Secure permissions for the primary archive log location - LOGARCHMETH1 OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 3.1.17 Secure permissions for the primary archive log location - LOGARCHMETH1 OS Permissions | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 3.1.17 Secure permissions for the primary archive log location - LOGARCHMETH1 OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 3.1.17 Secure permissions for the primary archive log location - LOGARCHMETH1 Setting | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 OS Permission | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 OS Permission | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 Setting | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 Setting | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 Setting | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.18 Secure permissions for the secondary archive log location - LOGARCHMETH2 Setting | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.7 Secure permissions for the log mirror location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2.7 Secure permissions for the log mirror location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 3.2.7 Secure permissions for the log mirror location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | |
| 3.2.7 Secure permissions for the log mirror location - FILE_PERMISSIONS | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.8 (L1) Host must store one week of audit records | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| APPL-15-001100 - The macOS system must disable root login for SSH. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ARST-RT-000080 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| DTAVSEL-100 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Out-of-Band Management port | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-010030 - The Red Hat Enterprise Linux operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010040 - The Red Hat Enterprise Linux operating system must display the approved Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010050 - The Red Hat Enterprise Linux operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a command line user logon. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010120 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one upper-case character. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010150 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one special character. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010483 - Red Hat Enterprise Linux operating systems version 7.2 or newer booted with a BIOS must have a unique name for the grub superusers account when booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020720 - The Red Hat Enterprise Linux operating system must be configured so that all local interactive user initialization files executable search paths contain only paths that resolve to the users home directory. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-031010 - The Red Hat Enterprise Linux operating system must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040720 - The Red Hat Enterprise Linux operating system must be configured so that if the Trivial File Transfer Protocol (TFTP) server is required, the TFTP daemon is configured to operate in secure mode. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| VCENTER-000021 - The use of Linux-based clients must be restricted. | DISA STIG VMWare ESXi vCenter 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
