| 1.1 Place Databases on Non-System Partitions | CIS MySQL 8.0 Enterprise Linux OS L1 v1.4.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | CONTINGENCY PLANNING |
| 2.1.1 Backup Policy in Place | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on Linux | Unix | CONTINGENCY PLANNING |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | CONTINGENCY PLANNING |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | CONTINGENCY PLANNING |
| 2.3 Dedicate the Machine Running MySQL | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 OS Linux on Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Dedicate the Machine Running MySQL | CIS MySQL 8.0 Community Linux OS L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.12 Limit Accepted Transport Layer Security (TLS) Versions | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.12 Limit Accepted Transport Layer Security (TLS) Versions | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.7 Ensure SSL Key Files Have Appropriate Permissions | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Secure MySQL Keyring - keyring_aws_conf_file | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Secure MySQL Keyring - keyring_encrypted_file_data_path | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Secure MySQL Keyring - keyring_file_data_path | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Secure MySQL Keyring | CIS MySQL 8.0 Enterprise Linux OS L1 v1.4.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Secure MySQL Keyring - keyring_aws_conf_file | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Secure MySQL Keyring - keyring_encrypted_file_data_path | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Secure MySQL Keyring - keyring_file_data_path | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Secure MySQL Keyring - keyring_okv_path | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 - System Administration Methods - Login Banner | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | ACCESS CONTROL |
| 4.1 Configure Local Configuration Backup Schedule | CIS Cisco NX-OS v1.2.0 L1 | Cisco | CONTINGENCY PLANNING |
| 4.1 Ensure 'maxAllowedContentLength' is configured - Applications | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure 'maxAllowedContentLength' is configured - Applications | CIS IIS 7 L2 v1.8.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.1 Ensure 'maxAllowedContentLength' is configured - Default | CIS IIS 10 v1.2.1 Level 2 | Windows | SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure 'maxAllowedContentLength' is configured - Default | CIS IIS 7 L2 v1.8.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.1 Ensure Interactive Login is Disabled | CIS PostgreSQL 13 OS v1.2.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure Interactive Login is Disabled | CIS PostgreSQL 14 OS v 1.2.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure Interactive Login is Disabled | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 15 OS v1.1.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 10 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 16 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 11 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sufficient space for logs | CIS Sybase 15.0 L2 DB v1.1.0 | SybaseDB | |
| 4.1 Restrict Core Dumps - 'fs.suid.dumpable = 0' | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | ACCESS CONTROL |
| 4.3 Ensure 'allow-suspicious-udfs' is Set to 'OFF' | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 OS Linux | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.4 Harden Usage for 'local_infile' on MySQL Clients | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | CONFIGURATION MANAGEMENT |
| 4.6 Ensure Symbolic Links are Disabled | CIS MySQL 8.0 Community Database L1 v1.1.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure Symbolic Links are Disabled | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure Symbolic Links are Disabled | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure Symbolic Links are Disabled | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.7 Ensure the 'daemon_memcached' Plugin Is Disabled | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | CONFIGURATION MANAGEMENT |
| 5.1 Default Service File Creation Mask | CIS Solaris 11 L1 v1.1.0 | Unix | |
| 5.1 Ensure Java is disabled | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | CONFIGURATION MANAGEMENT |
| 6.9 Harden host operating system | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
| 7.8 Ensure No Anonymous Accounts Exist | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 9.4 Ensure 'super_priv' is Not Set to 'Y' for Replication Users | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 9.4 Ensure 'super_priv' is Not Set to 'Y' for Replication Users | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| GOOG-13-007200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-707200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 14 BYOAD v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| KNOX-07-003300 - The Samsung must be configured to disable authentication mechanisms providing user access to protected data - Password | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
