| 1.6.1.3 Ensure SELinux policy is configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.5 Ensure the SELinux mode is enforcing | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.9 Ensure non-privileged users are prevented from executing privileged functions | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.006 - ACLs for system files and directories do not conform to minimum requirements. - 'C:' | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 2.006 - ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. - 'C:\Program Files' | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 2.006 - ACLS FOR SYSTEM FILES AND DIRECTORIES DO NOT CONFORM TO MINIMUM REQUIREMENTS. - 'C:\Windows' | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/bash.bashrc' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/profile' | CIS Ubuntu Linux 14.04 LTS Server L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - '/etc/profile' | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile.d/*.sh | CIS Amazon Linux v2.1.0 L1 | Unix | ACCESS CONTROL |
| 5.8 Ensure non-privileged users are prevented from executing privileged functions | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 6.1.11 Ensure no unowned files or directories exist | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 6.1.12 Ensure no ungrouped files or directories exist | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| Big Sur - Allow Administrators to Modify Security Settings and System Attributes | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Allow Administrators to Promote Other Users to Administrator Status | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Allow Information Transfer with Other Operating Systems | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Catalina - Allow Administrators to Modify Security Settings and System Attributes | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| Catalina - Allow Administrators to Promote Other Users to Administrator Status | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| Catalina - Allow Information Transfer with Other Operating Systems | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - '/etc/profile umask < 022' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - 'umask < 0022' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DTOO199 - Office System - Changing permissions on rights managed content for users must be enforced. | DISA STIG Office System 2010 v1r12 | Windows | ACCESS CONTROL |
| DTOO200 - Office System - Office must be configured to not allow read with browsers. | DISA STIG Office System 2010 v1r12 | Windows | ACCESS CONTROL |
| EPAS-00-007300 - The EDB Postgres Advanced Server must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | EnterpriseDB PostgreSQL Advanced Server OS Linux v1r1 | Unix | ACCESS CONTROL |
| GEN001180 - All network services daemon files must have mode 0755 or less permissive - httpd | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0655 or less permissive - /usr/sfw/man/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0655 or less permissive - /usr/share/man/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN006260 - The /etc/news/hosts.nntp (or equivalent) must have mode 0600 or less permissive. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN006300 - The /etc/news/nnrp.access (or equivalent) must have mode 0600 or less permissive. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| MADB-10-006700 - MariaDB must enforce discretionary access control policies, as defined by the data owner, over defined subjects, and objects. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | ACCESS CONTROL |
| Monterey - Allow Administrators to Modify Security Settings and System Attributes | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Allow Administrators to Promote Other Users to Administrator Status | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Allow Information Transfer with Other Operating Systems | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| MYS8-00-010500 - The MySQL Database Server 8.0 must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | ACCESS CONTROL |
| OL08-00-010373 - OL 8 must enable kernel parameters to enforce Discretionary Access Control (DAC) on symlinks. | DISA Oracle Linux 8 STIG v1r9 | Unix | ACCESS CONTROL |
| OL08-00-010374 - OL 8 must enable kernel parameters to enforce Discretionary Access Control (DAC) on hardlinks. | DISA Oracle Linux 8 STIG v1r9 | Unix | ACCESS CONTROL |
| RHEL-08-010373 - RHEL 8 must enable kernel parameters to enforce discretionary access control on symlinks. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | ACCESS CONTROL |
| RHEL-08-010374 - RHEL 8 must enable kernel parameters to enforce discretionary access control on hardlinks. | DISA Red Hat Enterprise Linux 8 STIG v1r14 | Unix | ACCESS CONTROL |
| SQL2-00-008500 - SQL Server must enforce DAC policy allowing users to specify and control sharing by named individuals, groups of individuals, or by both; limiting propagation of access rights; and including or excluding access to the granularity of a single user - 'server permissions' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-008500 - SQL Server must enforce DAC policy allowing users to specify and control sharing by named individuals, groups of individuals, or by both; limiting propagation of access rights; and including or excluding access to the granularity of a single user - 'user defined roles' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-011000 - SQL Server utilizing Discretionary Access Control (DAC) must enforce a policy that limits propagation of access rights. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-011050 - SQL Server utilizing Discretionary Access Control (DAC) must enforce a policy that limits propagation of access rights. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | ACCESS CONTROL |
| WN11-00-000070 - Only accounts responsible for the administration of a system must have Administrator rights on the system. | DISA Windows 11 STIG v1r5 | Windows | ACCESS CONTROL |
| WN11-00-000080 - Only authorized user accounts must be allowed to create or run virtual machines on Windows 11 systems. | DISA Windows 11 STIG v1r5 | Windows | ACCESS CONTROL |
| WN11-00-000095 - Permissions for system files and directories must conform to minimum requirements | DISA Windows 11 STIG v1r5 | Windows | ACCESS CONTROL |
| WN22-00-000140 - Windows Server 2022 permissions for the system drive root directory (usually C:\) must conform to minimum requirements. | DISA Windows Server 2022 STIG v1r5 | Windows | ACCESS CONTROL |
| WN22-00-000150 - Windows Server 2022 permissions for program file directories must conform to minimum requirements. | DISA Windows Server 2022 STIG v1r5 | Windows | ACCESS CONTROL |
| WN22-00-000160 - Windows Server 2022 permissions for the Windows installation directory must conform to minimum requirements. | DISA Windows Server 2022 STIG v1r5 | Windows | ACCESS CONTROL |
