| 2.2.12 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.2.12 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.2.12 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.2.14 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set to 'LOG' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.3.10 Ensure 'SEC_PROTOCOL_ERROR_TRACE_ACTION' Is Set To 'LOG' | CIS Oracle Database 23ai v1.1.0 L1 RDBMS | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.12 Ensure the 'SYSADMIN' Role is Limited to Administrative or Built-in Accounts | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | ACCESS CONTROL |
| 18.9.77.10.2 (L1) Ensure 'Turn on e-mail scanning' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-000 - The McAfee VirusScan Enterprise for Linux Web interface must be disabled unless the system is on a segregated network. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | CONFIGURATION MANAGEMENT |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvclean.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-003 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to enable On-Access scanning. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-004 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-006 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find unknown macro viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-008 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-008 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-012 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions that are documented and approved by the ISSO/ISSM/AO. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-012 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-013 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Quarantine if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-015 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean infected files automatically as first action when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-016 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-100 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-105 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to scan all file types. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-105 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to scan all file types. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-108 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must only be configured with exclusions which are documented and approved by the ISSO/ISSM/AO. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-109 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be disabled. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | CONFIGURATION MANAGEMENT |
| DTAVSEL-112 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decode MIME encoded files. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-112 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decode MIME encoded files. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-113 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to include all local drives and their sub-directories. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-201 - The McAfee VirusScan Enterprise must be configured to receive all patches, service packs and updates from a DoD-managed source. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | CONFIGURATION MANAGEMENT |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP host | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - trojansAlert | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - VirusDetected | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-301 - Access to the McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x Web UI must be enforced by firewall rules. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | CONFIGURATION MANAGEMENT |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows Server 2016 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows 10 1903 v1.19.9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows 10 v2004 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows 11 v24H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows 11 v23H2 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows 10 v21H1 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows Server 2019 MS v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows Server 2022 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network client: Digitally sign communications (always) | MSCT Windows 10 v1507 v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Microsoft network server: Digitally sign communications (if client agrees) | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| VCWN-06-000029 - The system must enable all tasks to be shown to Administrators in the Web Client. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
