| 1.3 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 12 OS v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.4 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 14 OS v 1.3.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.4 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 15 v1.2.0 L1 OS Linux Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.4 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.4 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 16 v1.1.0 L1 OS Linux Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.5 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 10 OS v1.0.0 | Unix | ACCESS CONTROL |
| 1.5 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 11 OS v1.0.0 | Unix | ACCESS CONTROL |
| 2.1.1 Ensure 'extproc' Is Not Enabled | CIS Oracle Database 19c v2.0.0 L1 RDBMS On Host OS Windows | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.12 Ensure the correct messages are written to the server log | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.18 Ensure 'log_connections' is enabled | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Ensure 'log_disconnections' is enabled | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - audit.log | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure the PostgreSQL Audit Extension (pgAudit) is enabled - pgaudit installed | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 4.3 Ensure excessive function privileges are revoked | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | ACCESS CONTROL |
| 4.4 Ensure excessive DML privileges are revoked | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | ACCESS CONTROL |
| 6.1 Ensure 'Attack Vectors' Runtime Parameters are Configured | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.3 Ensure 'Postmaster' Runtime Parameters are Configured | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | SYSTEM AND SERVICES ACQUISITION |
| 6.9 Ensure the pgcrypto extension is installed and configured correctly | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure streaming replication parameters are configured correctly | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.4 Ensure miscellaneous configuration settings are correct | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| ACLs: Filter for RFC 1918 addresses (192.168.0.0/16) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (127.0.0.0/8) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (192.0.0.0/24) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (192.42.172.0/24) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (198.18.0.0/15) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (203.0.113.0/24) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (240.0.0.0/4) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Authentication: use a remote authentication server | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | ACCESS CONTROL |
| CIS_PostgreSQL_9.6_v1.0.0_L1_OS_Linux.audit from CIS Benchmark for PostgreSQL 9.6 | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | |
| DNS: A trusted primary DNS server is configured | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| DNS: A trusted secondary DNS server is configured | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Fortigate - Admin password lockout >= 300 seconds | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - Admin SCP - 'disabled' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | ACCESS CONTROL |
| Fortigate - Disable insecure services - TELNET | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Fortigate - Disable SSHv1 admin access | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT |
| Fortigate - DNS - primary server | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| ICMP: Do not return unreachable messages | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Login: ssh - limit consecutive logins to 16 or less | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | ACCESS CONTROL |
| Login: ssh - v2 and later is enabled | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| Login: SSH is enabled | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
| Password Complexity: Require a minimum length of 8 characters | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| Password Complexity: Require at least one special character | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| Require Password Encryption | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| SNMP: configure access groups to use privacy | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| SNMP: configure community strings | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| Time: Disable Daylight Savings Time adjustment | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| Time: NTP servers use an authentication key | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| Time: Set system clock to UTC | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| TiMOS/SR-OS : OS Version is up to date | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | CONFIGURATION MANAGEMENT |
