| 5.4.2 Ensure Control Plane Authorized Networks is Enabled | CIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2 | GCP | ACCESS CONTROL, MEDIA PROTECTION |
| 5.6.3 Ensure Control Plane Authorized Networks is Enabled | CIS Google Kubernetes Engine (GKE) v1.7.0 L2 | GCP | ACCESS CONTROL, MEDIA PROTECTION |
| 7.7 Enable Extension Block List | CIS Mozilla Firefox 102 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.7.1.1 (BL) Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | MEDIA PROTECTION |
| 18.9.7.1.1 (BL) Ensure 'Prevent installation of devices that match any of these device IDs' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | MEDIA PROTECTION |
| 18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | MEDIA PROTECTION |
| 18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | MEDIA PROTECTION |
| 18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 BL | Windows | MEDIA PROTECTION |
| 18.9.7.1.4 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | MEDIA PROTECTION |
| 18.9.7.1.11 (L1) Ensure 'Prevent installation of removable devices' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | MEDIA PROTECTION |
| DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - 'umask < 0022' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG0010-ORACLE11 - Database executable and configuration files should be monitored for unauthorized modifications. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0017-ORACLE11 - A production DBMS installation should not coexist on the same DBMS host with other, non-production DBMS installations. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated - '$ORACLE_HOME/network/admin/sqlnet.ora SQLNET.SSLFIPS_140 = true' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0050-ORACLE11 - Database software, applications and configuration files should be monitored to discover unauthorized changes. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0052-ORACLE11 - All applications that access the database should be logged in the audit trail. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0054-ORACLE11 - The audit logs should be periodically monitored to discover DBMS access using unauthorized applications. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0086-ORACLE11 - DBA roles should be periodically monitored to detect assignment of unauthorized or excess privileges. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0097-ORACLE11 - Plans and procedures for testing DBMS installations, upgrades and patches should be defined and followed prior to production implementation. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/rdbms/admin/externaljob.ora run_group = nobody' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/rdbms/admin/externaljob.ora SET EXTPROC_DLLS=ONLY' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0187-ORACLE11 - DBMS software libraries should be periodically backed up - '$ORACLE_BASE files are being backed up' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONTINGENCY PLANNING |
| DG0187-ORACLE11 - DBMS software libraries should be periodically backed up - '$ORACLE_HOME files are being backed up' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONTINGENCY PLANNING |
| DG0195-ORACLE11 - DBMS production application and data directories should be protected from developers on shared production/development DBMS host systems - 'root is not a mamber of the oracle group' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG7001-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter must be protected from unauthorized access and must be stored in a dedicated directory or disk partition separate from software or other application files. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG7002-ORACLE11 - A minimum of two Oracle control files must be defined and configured to be stored on separate, archived disks (physical or virtual) or archived partitions on a RAID device. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | |
| DO0145-ORACLE11 - OS DBA group membership should be restricted to authorized accounts. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO0360-ORACLE11 - Connections by mid-tier web and application systems to the Oracle DBMS should be protected, encrypted and authenticated according to database, web, application, enclave and network requirements. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '$ORACLE_HOME/network/admin/listener.ora DIAG_ADR_ENABLED_{listener} = on' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - '$ORACLE_HOME/network/log/listener.log mode 640' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'LOG_DIRECTORY_{listener} is configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'LOG_DIRECTORY_SERVER = $ORACLE_BASElog' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| FireEye - AAA tries local authentication first | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - Boot manager password is set | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Custom SNORT rules are enabled | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - FENet security content updates are applied automatically | TNS FireEye | FireEye | |
| FireEye - IPMI should be connected to a restricted management network | TNS FireEye | FireEye | |
| FireEye - LDAP encryption certificates are verified | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP trap hosts that use community override use a secure community string | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP traps use a secure community string | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP v3 users have passwords | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SNMP v3 uses AES instead of DES | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SSH users are logged out after 15 minutes of inactivity or less | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - The appliance uses a trusted DNS server | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - USB media is not auto-mounted | TNS FireEye | FireEye | MEDIA PROTECTION |
| FireEye - User connections are limited by subnet or VLAN | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - Web interface does not use the system self-signed certificate | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| Review the list of Domains | Tenable Best Practices RackSpace v2.0.0 | Rackspace | CONFIGURATION MANAGEMENT |
| SOL-11.1-020190 - The operating system must employ automated mechanisms, per organization-defined frequency, to detect the addition of unauthorized components/devices into the operating system. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000130 - Splunk Enterprise must be configured to retain the DoD-defined attributes of the log records sent by the devices and hosts. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG REST API | Splunk | AUDIT AND ACCOUNTABILITY |
