| 2.10 Ensure Unnecessary SQL Server Protocols are set to 'Disabled' | CIS SQL Server 2012 Database L1 OS v1.6.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.10 Enable 'PUBLIC DATABASE LINK' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| DISA_STIG_Apache_Server-2.4_Unix_v3r2_Middleware.audit from DISA Apache Server 2.4 UNIX Server v3r2 STIG | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | |
| DISA_STIG_Cisco_ASA_FW_v2r1.audit from DISA Cisco ASA Firewall v2r1 STIG | DISA STIG Cisco ASA FW v2r1 | Cisco | |
| DISA_STIG_Cisco_ASA_VPN_v2r2.audit from DISA Cisco ASA VPN v2r2 STIG | DISA STIG Cisco ASA VPN v2r2 | Cisco | |
| DISA_STIG_Microsoft_Excel_2013_v1r8.audit from DISA Microsoft Excel 2013 v1r8 STIG | DISA STIG Microsoft Excel 2013 v1r8 | Windows | |
| DISA_STIG_Microsoft_Excel_2016_v2r1.audit from DISA Microsoft Excel 2016 v2r1 STIG | DISA STIG Microsoft Excel 2016 v2r1 | Windows | |
| DISA_STIG_Microsoft_InfoPath_2013_v1r6.audit from DISA Microsoft InfoPath 2013 v1r6 STIG | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | |
| DISA_STIG_Microsoft_Lync_2013_v1r5.audit from DISA Microsoft Lync 2013 v1r5 STIG | DISA STIG Microsoft Lync 2013 v1r5 | Windows | |
| DISA_STIG_Microsoft_OneNote_2013_v1r4.audit from DISA Microsoft OneNote 2013 v1r4 STIG | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | |
| DISA_STIG_Microsoft_PowerPoint_2010_v1r11.audit from DISA Microsoft PowerPoint 2010 v1r11 STIG | DISA STIG Office 2010 PowerPoint v1r11 | Windows | |
| DISA_STIG_Microsoft_Project_2010_v1r10.audit from DISA Microsoft Project 2010 v1r10 STIG | DISA STIG Office 2010 Project v1r10 | Windows | |
| DISA_STIG_Microsoft_Project_2013_v1r5.audit from DISA Microsoft Project 2013 v1r5 STIG | DISA STIG Microsoft Project 2013 v1r5 | Windows | |
| DISA_STIG_Microsoft_Publisher_2010_v1r12.audit from DISA Microsoft Publisher 2010 v1r12 STIG | DISA STIG Office 2010 Publisher v1r12 | Windows | |
| DISA_STIG_Microsoft_Publisher_2013_v1r6.audit from DISA Microsoft Publisher 2013 v1r6 STIG | DISA STIG Microsoft Publisher 2013 v1r6 | Windows | |
| DISA_STIG_Oracle_Linux_5_v2r1.audit from DISA Oracle Linux 5 v2r1 STIG | DISA STIG for Oracle Linux 5 v2r1 | Unix | |
| DISA_STIG_Server_2012_and_2012_R2_DC_v3r7.audit from DISA Microsoft Windows Server 2012/2012 R2 Domain Controller v3r7 STIG | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | |
| DISA_STIG_Solaris_10_SPARC_v2r4.audit from DISA Solaris 10 SPARC v2r4 STIG | DISA STIG Solaris 10 SPARC v2r4 | Unix | |
| DISA_STIG_Solaris_10_x86_v2r4.audit from DISA Solaris 10 X86 v2r4 STIG | DISA STIG Solaris 10 X86 v2r4 | Unix | |
| MYS8-00-002500 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to add privileges/permissions occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002600 - The MySQL Database Server 8.0 must generate audit records when privileges/permissions are modified. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002700 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to modify privileges/permissions occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| O112-C2-007400 - The DBMS must produce audit records containing sufficient information to establish what type of events occurred. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| O112-C2-007500 - The DBMS must produce audit records containing sufficient information to establish when (date and time) the events occurred. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| O112-C2-007600 - The DBMS must produce audit records containing sufficient information to establish where the events occurred. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| O112-C2-007700 - The DBMS must produce audit records containing sufficient information to establish the sources (origins) of the events. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| O112-C2-007900 - The DBMS must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012000 - SQL Server must produce audit records containing sufficient information to establish where the events occurred - 'Event ID 18' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012000 - SQL Server must produce audit records containing sufficient information to establish where the events occurred - 'Event ID 111' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012000 - SQL Server must produce audit records containing sufficient information to establish where the events occurred - 'Event ID 134' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012000 - SQL Server must produce audit records containing sufficient information to establish where the events occurred - 'Event ID 176' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-020000 - SQL Server must protect the integrity of publicly available information and SQL Servers configuration from unauthorized Securables access. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-016200 - SQL Server must have the publicly available Northwind sample database removed. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-016300 - SQL Server must have the publicly available pubs sample database removed. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-016310 - SQL Server must have the publicly available AdventureWorks sample database removed. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-016835 - SQL Server must have the Data Quality Services software component removed if it is unused. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-017100 - The SQL Server default account [sa] must be disabled. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-035500 - Software updates to SQL Server must be tested before being applied to production systems. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - BACKUP_RESTORE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - DATABASE_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - Event ID 47 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - Event ID 86 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - Event ID 88 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - Event ID 89 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - Event ID 171 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - SCHEMA_OBJECT_PERMISSION_CHANGE... | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - SERVER_OBJECT_OWNERSHIP_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037800 - SQL Server must generate Trace or Audit records when unsuccessful attempts to execute privileged activities or other system-level access occur - SERVER_STATE_CHANGE_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-016200 - The SQL Server default account [sa] must be disabled. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | ACCESS CONTROL |
| SQL6-D0-017800 - The SQL Server Browser service must be disabled unless specifically required and approved. | DISA STIG SQL Server 2016 Instance OS Audit v3r4 | Windows | CONFIGURATION MANAGEMENT |
