| 1.10.6 Ensure 'logging history severity level' is set to greater than or equal to '5' | CIS Cisco Firewall ASA 9 L1 v4.1.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.2.1 Enable 'Set time and date automatically' | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1 Enable 'Set time and date automatically' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - /sbin/modprobe | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - /sbin/rmmod | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmod | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/insmod | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl /sbin/rmmod | CIS Debian 8 Server L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmod | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmod | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl insmod | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl modprobe | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - init_module | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - insmod | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - modprobe | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - modprobe | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - rmmod | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 (L1) Ensure previous 5 passwords are prohibited | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.8 Ensure Billing Alerts are enabled for increments of X spend | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | CONFIGURATION MANAGEMENT |
| 5.2.1 Configure account lockout threshold | CIS Apple macOS 10.13 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 5.2.1 Ensure Password Account Lockout Threshold Is Configured | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | ACCESS CONTROL |
| 7.10 Repairing permissions is no longer needed with 10.11 | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | |
| 9.1.1 Enable cron Daemon - anacron run level 5 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.1 Enable cron Daemon - cron run level 5 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| BIND-9X-001600 - The BIND 9.x name server software must run with restricted privileges. | DISA BIND 9.x STIG v3r1 | Unix | CONFIGURATION MANAGEMENT |
| CASA-ND-000690 - The Cisco ASA must be configured to terminate all network connections associated with a device management session at the end of the session, or the session must be terminated after five minutes of inactivity except to fulfill documented and validated mission requirements. | DISA STIG Cisco ASA NDM v2r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000240 - The Cisco perimeter router must be configured to deny network traffic by default and allow network traffic by exception. | DISA Cisco IOS Router RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000320 - The Cisco perimeter router must be configured to filter traffic destined to the enclave in accordance with the guidelines contained in DoD Instruction 8551.1. | DISA Cisco IOS Router RTR STIG v3r4 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Console inactivity timer | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | ACCESS CONTROL |
| DTAVSEL-008 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-008 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being written to disk. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-113 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to include all local drives and their sub-directories. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| IBM i : Required Difference in Passwords (QPWDRQDDIF) - '<=5' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Required Difference in Passwords (QPWDRQDDIF) - '<=5' | IBM System i Security Reference for V7R2 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Required Difference in Passwords (QPWDRQDDIF) - '<=5' | IBM System i Security Reference for V7R3 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| KNOX-07-012100 - The Samsung Android 7 with Knox must implement the management setting: Enable CC mode. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-012100 - The Samsung Android 7 with Knox must implement the management setting: Enable CC mode. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| SLEM-05-611040 - SLEM 5 must require the change of at least eight of the total number of characters when passwords are changed. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLEM-05-653015 - SLEM 5 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLEM-05-653035 - SLEM 5 audit system must take appropriate action when the audit storage volume is full. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SLEM-05-654010 - SLEM 5 must generate audit records for all uses of the "chacl" command. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SonicWALL - User Inactivity Timeout - 5 minutes or less | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| VCLU-70-000012 - Lookup Service must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled - MIMEs that invoke operating system shell programs disabled. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-70-000012 - Performance Charts must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-70-000012 - vSphere UI must have Multipurpose Internet Mail Extensions (MIME) that invoke operating system shell programs disabled. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | CONFIGURATION MANAGEMENT |
