| 1.2 Do Not Install a Multi-Use System - chkconfig | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.2.4 Disable the rhnsd Daemon | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.5 Disable the rhnsd Daemon | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.2.5 Disable the rhnsd Daemon | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.2.5 Disable the rhnsd Daemon | CIS Red Hat 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2.5 Disable the rhnsd Daemon | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5 Installing ISC BIND 9 - bind9 installation | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | |
| 1.5 Installing ISC BIND 9 - bind9 installation | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | |
| 1.7.3 Ensure the Standard Mandatory DoD Notice and Consent Banner are configured | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.7.3 Ensure the Standard Mandatory DoD Notice and Consent Banner are configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.1.2 Remove telnet Clients | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC' | CIS Oracle Server 18c Linux v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC' | CIS Oracle Server 12c Linux v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC' | CIS Oracle Server 12c Windows v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC' | CIS Oracle Server 18c Windows v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.6 Configure Network Time Protocol (NTP) - OPTIONS=-u ntp:ntp -p /var/run/ntpd.pid | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.6 Configure Network Time Protocol (NTP) - restrict -6 default kod nomodify nopeer notrap noquery | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.6 Configure Network Time Protocol (NTP) - restrict default kod nomodify nopeer notrap noquery | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.6 Configure Network Time Protocol (NTP) - server aaa.bbb.ccc.ddd | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.7 Remove LDAP | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.3.1 Deactivate Wireless Interfaces | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.2 Ensure SELinux security options are set, if applicable | CIS Docker Community Edition v1.1.0 L2 Docker | Unix | ACCESS CONTROL |
| 5.3 Ensure that, if applicable, SELinux security options are set | CIS Docker v1.8.0 L2 OS Linux | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.3.3.6.3 Ensure the certificate of the user or group is mapped to the corresponding user or group in the "sssd.conf" file | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.8 Ensure password expiration is 60 Day maximum for existing passwords | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.3.4 Upgrade Password Hashing Algorithm to SHA-512 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AZLX-23-002610 - Amazon Linux 2023 must implement nonexecutable data to protect its memory from unauthorized code execution. | DISA Amazon Linux 2023 STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Ensure system accounts are non-login | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| JBOS-AS-000655 - JBoss must be configured to use an approved cryptographic algorithm in conjunction with TLS. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000685 - The JRE installed on the JBoss server must be kept up to date. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-06-000275 - The operating system must employ cryptographic mechanisms to protect information in storage. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000276 - The operating system must protect the confidentiality and integrity of data at rest. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000277 - The operating system must employ cryptographic mechanisms to prevent unauthorized disclosure of data at rest unless otherwise protected by alternative physical measures. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000504 - The operating system must conduct backups of user-level information contained in the operating system per organization defined frequency to conduct backups consistent with recovery time and recovery point objectives. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000505 - The operating system must conduct backups of system-level information contained in the information system per organization defined frequency to conduct backups that are consistent with recovery time and recovery point objectives. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-030201 - The Red Hat Enterprise Linux operating system must be configured to off-load audit logs onto a different system or storage media from the system being audited. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030210 - The Red Hat Enterprise Linux operating system must take appropriate action when the remote logging buffer is full. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030211 - The Red Hat Enterprise Linux operating system must label all off-loaded audit logs before sending them to the central log server. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-700010 - RHEL 10 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a Secure Shell (SSH) login. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700510 - RHEL 10 must be configured so that the Secure Shell (SSH) daemon does not allow Generic Security Service Application Program Interface (GSSAPI) authentication. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-700520 - RHEL 10 must be configured so that the Secure Shell (SSH) daemon does not allow Kerberos authentication. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-700530 - RHEL 10 must be configured so that the Secure Shell (SSH) daemon does not allow rhosts authentication. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-700540 - RHEL 10 must be configured so that the Secure Shell (SSH) daemon does not allow known hosts authentication. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-700560 - RHEL 10 must be configured so that the Secure Shell (SSH) daemon performs strict mode checking of home directory configuration files. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-700570 - RHEL 10 must be configured so that the Secure Shell (SSH) daemon displays the date and time of the last successful account login upon an SSH login. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-700590 - RHEL 10 must be configured so that Secure Shell (SSH) server configuration files' permissions are not modified. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700610 - RHEL 10 must be configured so that SSHD does not allow blank passwords. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-700620 - RHEL 10 must not permit direct logins to the root account using remote access via Secure Shell (SSH). | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-700630 - RHEL 10 must not allow a noncertificate trusted host Secure Shell (SSH) login to the system. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700900 - RHEL 10 must implement nonexecutable data to protect its memory from unauthorized code execution. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
