| 1 - Application specific logging | TNS Best Practice Jetty 9 Linux | Unix | |
| 2.02 Version/Patches - 'Ensure the latest version of Oracle software is being used, and the latest patches are from Metalink are applied' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 3 - Configure log file size limit - org.eclipse.jetty.server.handler.RequestLogHandler | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 4 - Restrict access to $JETTY_HOME - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 7 - SSL implementation - start.jar --module=deploy | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8 - Secure Datasources | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 10 - Enable SSL Connector | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 11 - Access Control - JAAS | TNS Best Practice Jetty 9 Linux | Unix | |
| 12 - Remove and mask informational headers - Server Property Override | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 12.19 Network location of production and development databases - 'Separate' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 12.19 Network location of production and development databases - 'Separate' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 13 - Disable stacktrace in response body | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 13 - Restrict access to temp directory - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 14 - SSL Encryption - WSDL Secure Port | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 16 - ORB Subsystem - Security-Domain Set | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 16 - Restrict access to JETTY.policy - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 21 - Restrict access to users.xml - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 28 - Ensure scheme is set accurately | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 37 - Configure maxHttpHeaderSize | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 41 - Do not run applications as privileged | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| Brocade - Bottleneck alerts must be enabled | Tenable Best Practices Brocade FabricOS | Brocade | AUDIT AND ACCOUNTABILITY |
| Brocade - Bottleneck detection must be enabled | Tenable Best Practices Brocade FabricOS | Brocade | CONFIGURATION MANAGEMENT |
| Brocade - Configures filters for a specified audit class | Tenable Best Practices Brocade FabricOS | Brocade | AUDIT AND ACCOUNTABILITY |
| Brocade - Disable HTTP IPv4 | Tenable Best Practices Brocade FabricOS | Brocade | CONFIGURATION MANAGEMENT |
| Brocade - Disable HTTP IPv6 | Tenable Best Practices Brocade FabricOS | Brocade | CONFIGURATION MANAGEMENT |
| Brocade - Disable TFTP IPv6 | Tenable Best Practices Brocade FabricOS | Brocade | CONFIGURATION MANAGEMENT |
| Brocade - Enable SSH IPv6 | Tenable Best Practices Brocade FabricOS | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
| Brocade - Enforce signature validation for firmware | Tenable Best Practices Brocade FabricOS | Brocade | SYSTEM AND INFORMATION INTEGRITY |
| Brocade - FIPS Mode is enabled | Tenable Best Practices Brocade FabricOS | Brocade | SYSTEM AND COMMUNICATIONS PROTECTION |
| Brocade - Forward all error logs to syslog daemon | Tenable Best Practices Brocade FabricOS | Brocade | AUDIT AND ACCOUNTABILITY |
| Brocade - lockout threshold set to 3 | Tenable Best Practices Brocade FabricOS | Brocade | ACCESS CONTROL |
| Brocade - minimum number of numeric digits set to 1 | Tenable Best Practices Brocade FabricOS | Brocade | IDENTIFICATION AND AUTHENTICATION |
| Brocade - MOTD Text | Tenable Best Practices Brocade FabricOS | Brocade | ACCESS CONTROL |
| Brocade - Review Enabled Accounts | Tenable Best Practices Brocade FabricOS | Brocade | ACCESS CONTROL |
| Brocade - SNMPv3 trap targets are configured properly | Tenable Best Practices Brocade FabricOS | Brocade | AUDIT AND ACCOUNTABILITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-013 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-015 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-017 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to deny access to the file if an error occurs during scanning. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Ensure that database instances do not allow root access | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Rackspace Active Servers | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONFIGURATION MANAGEMENT |
| Rackspace Inactive Servers | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONFIGURATION MANAGEMENT |
| Rackspace Server Images | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONFIGURATION MANAGEMENT |
| Review the list of Current Rackspace Users | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Review the list of Rackspace Database Flavors | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONFIGURATION MANAGEMENT |
| Review the list of Rackspace Tenants | Tenable Best Practices RackSpace v2.0.0 | Rackspace | ACCESS CONTROL |
| Time: System has a secondary NTP server set | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| WN16-DC-000300 - PKI certificates associated with user accounts must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-DC-000300 - Windows Server 2019 PKI certificates associated with user accounts must be issued by a DoD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
