| 1.2 Use Dedicated Least Privileged Account for MariaDB Daemon/Service | CIS MariaDB 10.11 v1.0.0 L2 MariaDB RDBMS on Linux Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.1.2 Verify Backups are Good | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | CONTINGENCY PLANNING |
| 2.1.3 Secure Backup Credentials | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, CONTINGENCY PLANNING, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Dedicate the Machine Running MySQL | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Dedicate the Machine Running MySQL | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux Unix | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Dedicate the Machine Running MySQL | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS Unix | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Dedicate the Machine Running MySQL | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS Unix | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Dedicate the Machine Running MySQL | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS on Linux Unix | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Do Not Specify Passwords in Command Line | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.12 Limit Accepted Transport Layer Security (TLS) Versions | CIS MySQL 5.7 Community Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.9 Secure MySQL Keyring - keyring_aws_conf_file | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Secure MySQL Keyring - keyring_file_data_path | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Secure MySQL Keyring - keyring_encrypted_file_data_path | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2 Ensure Example or Test Databases are Not Installed on Production Servers | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure Example or Test Databases are Not Installed on Production Servers | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Enable Auditing of File Metadata Modification Events | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Harden Usage for 'local_infile' on MySQL Clients | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | CONFIGURATION MANAGEMENT |
| 4.4 Harden Usage for 'local_infile' on MySQL Clients | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS MySQLDB | MySQLDB | CONFIGURATION MANAGEMENT |
| 4.5 Ensure 'mysqld' is Not Started With '--skip-grant-tables' - /etc/my.cnf | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started With '--skip-grant-tables' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started With '--skip-grant-tables' - C:\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started With '--skip-grant-tables' - C:\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.6 Ensure Symbolic Links are Disabled | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure Symbolic Links are Disabled | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure Symbolic Links are Disabled | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure Symbolic Links are Disabled | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.1 Default Service File Creation Mask | CIS Solaris 11 L1 v1.1.0 | Unix | |
| 5.1 Ensure AppArmor Profile is Enabled | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | ACCESS CONTROL |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 7 v1.2.0 L1 Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 MultiStore - 'MultiStore protocol is disabled' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 6.4 Ensure 'log-raw' is Set to 'OFF' - /etc/my.cnf | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' is Set to 'OFF' - /etc/mysql/my.cnf | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' is Set to 'OFF' - /etc/mysql/my.cnf | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' is Set to 'OFF' - %WINDIR%\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' is Set to 'OFF' - MYSQL_INSTALL\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | MEDIA PROTECTION |
| 7.1 Ensure your authentication_policy is Set to a Secure Option | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS MySQLDB | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Passwords are Not Stored in the Global Configuration - %WINDIR%\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Passwords are Not Stored in the Global Configuration - MYSQL_INSTALL\my.cnf | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Passwords are Not Stored in the Global Configuration - MYSQL_INSTALL\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Passwords are Not Stored in the Global Configuration - MYSQL_INSTALL\my.ini | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.cnf | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - %WINDIR%\my.ini | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - SYSCONFDIR/my.cnf | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 9.3 Ensure 'super_priv' is Not Set to 'Y' for Replication Users | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 9.3 Ensure 'super_priv' is Not Set to 'Y' for Replication Users | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL |
| 9.4 Ensure 'super_priv' is Not Set to 'Y' for Replication Users | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS MySQLDB | MySQLDB | ACCESS CONTROL |
