| 1.2 Use Dedicated Least Privileged Account for MariaDB Daemon/Service | CIS MariaDB 10.6 on Linux L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | CONTINGENCY PLANNING |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | CONTINGENCY PLANNING |
| 2.12 Limit Accepted Transport Layer Security (TLS) Versions | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Secure MySQL Keyring | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 - System Administration Methods - CLI Session Timeout | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | |
| 4.1 Create a user for the container | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 4.1 Create a user for the container | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 14.0 Sonoma v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 13.0 Ventura v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 15.0 Sequoia v2.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure Bonjour Advertising Services Is Disabled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure device is not obviously jailbroken | MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 4.1 Ensure device is not obviously jailbroken | AirWatch - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure device is not obviously jailbroken | MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure device is not obviously jailbroken | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 4.1 Ensure device is not obviously jailbroken | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure device is not obviously jailbroken | AirWatch - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure device is not obviously jailbroken | MobileIron - CIS Apple iOS 14 and iPadOS 14 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 4 L2 OS Windows v1.0.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 7 v1.2.0 L2 Windows | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 8 v1.0.0 L2 Windows | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure that logging is enabled. - logback.xml | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Harden Usage for 'local_infile' on MySQL Clients | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | CONFIGURATION MANAGEMENT |
| 4.4 Harden Usage for 'local_infile' on MySQL Clients | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS MySQLDB | MySQLDB | CONFIGURATION MANAGEMENT |
| 4.4 Harden Usage for 'local_infile' on MySQL Clients | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS MySQLDB | MySQLDB | CONFIGURATION MANAGEMENT |
| 4.6 Ensure Symbolic Links are Disabled | CIS Oracle MySQL Community Server 8.0 v1.2.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure Symbolic Links are Disabled | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure Symbolic Links are Disabled | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.6 Ensure Symbolic Links are Disabled | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS MySQLDB | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.1 Ensure that system activity is audited | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure unauthorized API calls are monitored | CIS Amazon Web Services Foundations v7.0.0 L2 | amazon_aws | AUDIT AND ACCOUNTABILITY |
| 7.8 Ensure No Anonymous Accounts Exist | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 9.4 Ensure 'super_priv' is Not Set to 'Y' for Replication Users | CIS Oracle MySQL Enterprise Edition 8.0 v1.5.0 L1 MySQL RDBMS MySQLDB | MySQLDB | ACCESS CONTROL |
| GOOG-13-007200 - Google Android 13 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 13 COPE STIG v2r3 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-007200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 14 COBO STIG v2r3 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-707200 - Google Android 14 must be configured to disable trust agents - NOTE: This requirement is not applicable (NA) for specific biometric authentication factors included in the product's Common Criteria evaluation. | AirWatch - DISA Google Android 14 BYOAD v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| HONW-13-007200 - Honeywell Android 13 must be configured to disable trust agents. | AirWatch - DISA Honeywell Android 13 COPE STIG v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| KNOX-07-003300 - The Samsung must be configured to disable authentication mechanisms providing user access to protected data - Password | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| MYS8-00-003600 - The MySQL Database Server 8.0 must generate audit records when categories of information (e.g., classification levels/security levels) are deleted. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| ZEBR-10-002300 - Zebra Android 10 must be configured to disable trust agents - NA for specific biometric authentication factors included in the products Common Criteria evaluation. | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-10-002300 - Zebra Android 10 must be configured to disable trust agents - NA for specific biometric authentication factors included in the products Common Criteria evaluation. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-11-002300 - Zebra Android 11 must be configured to disable trust agents - NA for specific biometric authentication factors included in the products Common Criteria evaluation. | MobileIron - DISA Zebra Android 11 COBO STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
