| 1.15 WN19-00-000150 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.15 WN19-00-000150 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | ACCESS CONTROL |
| 1.176 WN19-DC-000310 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.215 WN19-SO-000080 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.219 WN19-SO-000120 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 2.3.1 Ensure 'ENCRYPTION_SERVER' Is Set to 'REQUIRED' | CIS Oracle Server 19c Windows v1.2.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.1 Ensure 'ENCRYPTION_SERVER' Is Set to 'REQUIRED' | CIS Oracle Server 18c Linux v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.2 Ensure 'SQLNET.CRYPTO_CHECKSUM_SERVER' Is Set to 'REQUIRED' | CIS Oracle Server 18c Linux v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.2 Ensure 'SQLNET.CRYPTO_CHECKSUM_SERVER' Is Set to 'REQUIRED' | CIS Oracle Server 19c Linux v1.2.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.2 Ensure 'SQLNET.CRYPTO_CHECKSUM_SERVER' Is Set to 'REQUIRED' | CIS Oracle Server 19c Windows v1.2.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.1 Set an appropriate default database for all users | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
| 5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1' | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 7.3 Ensure Database Backups are Encrypted | CIS SQL Server 2016 Database L2 DB v1.4.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| DO3538-ORACLE11 - The Oracle REMOTE_OS_AUTHENT parameter should be set to FALSE - 'remote_os_authent = false' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| EP11-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-003700 - Default, demonstration and sample databases, database objects, and applications must be removed. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-039100 - The SQL Server Browser service must be disabled if its use is not necessary. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL4-00-030410 - Where SQL Server Audit is in use, SQL Server must generate audit records when unsuccessful attempts to retrieve privileges/permissions occur. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - APPLICATION_ROLE_CHANGE_PASSWORD_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - AUDIT_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_OPERATION_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_PRINCIPAL_IMPERSONATION_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DBCC_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 102 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 104 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 108 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 111 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 116 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 117 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 131 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 132 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 133 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 135 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 162 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 171 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 172 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 176 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 177 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - LOGIN_CHANGE_PASSWORD_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SCHEMA_OBJECT_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SERVER_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SERVER_OBJECT_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SERVER_ROLE_MEMBER_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - TRACE_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - SUCCESSFUL_LOGIN_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQLI-22-012600 - When invalid inputs are received, the SQL Server must behave in a predictable and documented manner that reflects organizational and system objectives. | DISA Microsoft SQL Server 2022 Instance STIG v1r1 MS_SQLDB | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQLI-22-014800 - SQL Server must generate audit records when successful and unsuccessful logons or connection attempts occur. | DISA Microsoft SQL Server 2022 Instance STIG v1r1 MS_SQLDB | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
