| 1.174 WN22-DC-000290 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT I | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Ensure that authorization is enabled for Cassandra databases | CIS Apache Cassandra 3.11 L2 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 2.2 Ensure that authorization is enabled for Cassandra databases | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 3.1 (L1) Host should deactivate SSH | CIS VMware ESXi 8.0 v1.2.0 L1 VMware | VMware | CONFIGURATION MANAGEMENT |
| 3.1.2 Ensure the log destinations are set correctly | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.2 Ensure the log destinations are set correctly | CIS PostgreSQL 14 DB v 1.3.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.2 Ensure the log destinations are set correctly | CIS PostgreSQL 13 v1.3.0 L1 Database PostgreSQLDB | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.2 Ensure the log destinations are set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.12 Ensure syslog messages are not lost due to size | CIS PostgreSQL 13 v1.3.0 L1 Database PostgreSQLDB | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.12 Ensure syslog messages are not lost due to size | CIS PostgreSQL 15 v1.2.0 L1 OS Linux PostgreSQLDB | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.12 Ensure syslog messages are not lost due to size | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.8 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120' | CIS Oracle Database 23ai v1.1.0 L1 RDBMS | OracleDB | ACCESS CONTROL |
| 3.8 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less Than Or Equal To '120' | CIS Oracle Database 19c v2.0.0 L1 RDBMS | OracleDB | ACCESS CONTROL |
| 7.23 (L1) Virtual machines must restrict sharing of memory pages with other VMs | CIS VMware ESXi 8.0 v1.2.0 L1 VMware | VMware | CONFIGURATION MANAGEMENT |
| 9.1 Apply Applicable Updates | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | RISK ASSESSMENT |
| 9.1 Check for Remote Consoles | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1 Check for Remote Consoles | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 9.24 Find Files and Directories with Extended Attributes | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.24 Find Files and Directories with Extended Attributes | CIS Solaris 11.2 L1 v1.1.0 | Unix | |
| 9.25 Find Files and Directories with Extended Attributes | CIS Solaris 11.1 L1 v1.0.0 | Unix | |
| 9.25 Find Files and Directories with Extended Attributes | CIS Solaris 11 L1 v1.1.0 | Unix | |
| 12.22 Developer access to production databases - 'Disallow' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 12.22 Developer access to production databases - 'Disallow' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| chrony is not installed - User | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure password creation requirements are configured - /etc/pam.d/* lcredit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Ensure password creation requirements are configured - pwquality.conf minlen | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Ensure password expiration is 365 days or less | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Ensure password expiration warning days is 7 or more | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Ensure password fields are not empty | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| Ensure permissions on /etc/cron.monthly are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure permissions on /etc/cron.weekly are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure permissions on /etc/crontab are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure permissions on /etc/gshadow are configured - User and group | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure permissions on /etc/motd are configured | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure root login is restricted to system console | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| Ensure rsync service is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure secure ICMP redirects are not accepted - /etc/sysctl ipv4 default secure | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure separate partition exists for /tmp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure separate partition exists for /var/log | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Ensure session initiation information is collected - auditctl wtmp | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure successful file system mounts are collected - b32 | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure system administrator actions (sudolog) are collected | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure system is disabled when audit logs are full - 'admin_space_left_action = halt' | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure telnet client is not installed - dpkg | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure tftp server is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure the MCS Translation Service (mcstrans) is not installed - rpm | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure time services are not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure unsuccessful unauthorized file access attempts are collected - b64 EPERM | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure users' .netrc Files are not group or world accessible | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| WN19-DC-000300 - Windows Server 2019 PKI certificates associated with user accounts must be issued by a DoD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2019 STIG v3r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
