| 1.219 WN19-SO-000120 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL |
| 3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | ACCESS CONTROL |
| 3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases | CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL |
| 3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases | CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine | MS_SQLDB | ACCESS CONTROL |
| 3.3 Ensure 'Orphaned Users' are Dropped from SQL Server Databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | ACCESS CONTROL |
| 3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases | CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL |
| 3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases - Orphaned Users are Dropped from SQL Server Databases | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | ACCESS CONTROL |
| 3.3 Ensure 'Orphaned Users' are Dropped From SQL Server Databases - Orphaned Users are Dropped from SQL Server Databases | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | ACCESS CONTROL |
| 5.2 Ensure 'Default Trace Enabled' Server Configuration Option is set to '1' | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 7.3 Ensure Database Backups are Encrypted | CIS SQL Server 2016 Database L2 DB v1.4.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure Network Encryption is Configured and Enabled | CIS Microsoft SQL Server 2019 v1.5.2 L2 Database Engine | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_Edge.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0 | CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| CIS_Microsoft_Windows_Server_2019_STIG_v4.0.0_DC_CAT_III.audit from CIS Microsoft Windows Server 2019 STIG v4.0.0 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT III | Windows | |
| CIS_Microsoft_Windows_Server_2019_v4.0.0_L1_MS.audit from CIS Microsoft Windows Server 2019 Benchmark v4.0.0 | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | |
| CIS_Microsoft_Windows_Server_2019_v4.0.0_L2_DC.audit from CIS Microsoft Windows Server 2019 Benchmark v4.0.0 | CIS Microsoft Windows Server 2019 v4.0.0 L2 DC | Windows | |
| DO3538-ORACLE11 - The Oracle REMOTE_OS_AUTHENT parameter should be set to FALSE - 'remote_os_authent = false' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| EP11-00-004000 - Access to external executables must be disabled or restricted. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| EP11-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AP-300008 - To protect against data mining, the F5 BIG-IP appliance providing content filtering must prevent SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | ACCESS CONTROL |
| F5BI-AS-000165 - To protect against data mining, The BIG-IP ASM module must be configured to detect SQL injection attacks launched against data storage objects, including, at a minimum, databases, database records, and database fields when providing content filtering to virtual servers. | DISA F5 BIG-IP Application Security Manager STIG v2r2 | F5 | ACCESS CONTROL |
| O112-C2-007800 - The DBMS must produce audit records containing sufficient information to establish the outcome (success or failure) of the events. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - APPLICATION_ROLE_CHANGE_PASSWORD_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_OBJECT_ACCESS_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_OPERATION_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - DATABASE_PERMISSION_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 102 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 103 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 105 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 107 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 108 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 112 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 115 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 117 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 118 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 128 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 129 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 130 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 132 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 133 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 152 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 162 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 171 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - Event ID 173 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - LOGIN_CHANGE_PASSWORD_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SERVER_ROLE_MEMBER_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - SERVER_STATE_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-034000 - SQL Server must produce Trace or Audit records of its enforcement of access restrictions associated with changes to the configuration of the DBMS or database(s) - TRACE_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL6-D0-007400 - Access to Non-Standard extended stored procedures must be disabled or restricted, unless specifically required and approved. | DISA MS SQL Server 2016 Instance STIG v3r6 MS_SQLDB | MS_SQLDB | CONFIGURATION MANAGEMENT |
