| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.1.5 (L1) Ensure 'Password must meet complexity requirements' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.5.2 Ensure address space layout randomization (ASLR) is enabled - config | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.5.2 Ensure address space layout randomization (ASLR) is enabled - config | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.5.2 Ensure address space layout randomization (ASLR) is enabled - sysctl | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | CONTINGENCY PLANNING |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | CONTINGENCY PLANNING |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | CONTINGENCY PLANNING |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | CONTINGENCY PLANNING |
| 2.1.1 Backup Policy in Place | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | CONTINGENCY PLANNING |
| 2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 2.3.1 Ensure 'ENCRYPTION_SERVER' Is Set to 'REQUIRED' | CIS Oracle Server 18c Linux v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.20 listener.ora - 'log_file_listener parameter settings' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 4.5 Ensure 'SYS.USER$MIG' Has Been Dropped | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.5 Ensure 'SYS.USER$MIG' Has Been Dropped | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.5 Ensure 'SYS.USER$MIG' Has Been Dropped | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "File System" Packages | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "File System" Packages | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.24 Radiuskey - 'Verify and set permissions on radius.key file' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 18.8.4.1 Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.8.4.1 Ensure 'Encryption Oracle Remediation' is set to 'Enabled: Force Updated Clients' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.77.14 (L1) Ensure 'Turn off Windows Defender AntiVirus' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-025870 - AlmaLinux OS 9 must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| DG7001-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter must be protected from unauthorized access and must be stored in a dedicated directory or disk partition separate from software or other application files. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DO0234-ORACLE11 - The directory assigned to the AUDIT_FILE_DEST parameter should be protected from unauthorized access - 'audit_file_dest parameter is configured' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| Encryption Oracle Remediation | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows 10 v22H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows Server v1909 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows Server 2019 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows Server 2019 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows 10 1903 v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Encryption Oracle Remediation | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Set SSH Active Server Alive Maximum to Zero | NIST macOS Monterey v1.0.0 - 800-171 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Set SSH Active Server Alive Maximum to Zero | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Set SSH Active Server Alive Maximum to Zero | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-005800 - Oracle Database must off-load audit data to a separate log management facility; this must be continuous and in near-real-time for systems with a network connection to the storage facility, and weekly or more often for stand-alone systems. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| O19C-00-011200 - Network access to Oracle Database must be restricted to authorized personnel. | DISA Oracle Database 19c STIG v1r1 Unix | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-011200 - Network access to Oracle Database must be restricted to authorized personnel. | DISA Oracle Database 19c STIG v1r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| O19C-00-013700 - Oracle Database must ensure users are authenticated with an individual authenticator prior to using a shared authenticator. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-016100 - Oracle Database must separate user functionality (including user interface services) from database management functionality. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O112-BP-025101 - The directory assigned to the AUDIT_FILE_DEST parameter must be protected from unauthorized access and must be stored in a dedicated directory or disk partition separate from software or other application files. | DISA STIG Oracle 11.2g v2r5 Linux | Unix | CONFIGURATION MANAGEMENT |
| O112-BP-025101 - The directory assigned to the AUDIT_FILE_DEST parameter must be protected from unauthorized access and must be stored in a dedicated directory or disk partition separate from software or other application files. | DISA STIG Oracle 11.2g v2r5 Windows | Windows | CONFIGURATION MANAGEMENT |
| O112-C2-014300 - The DBMS must support organizational requirements to enforce password complexity by the number of numeric characters used. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C1-011100 - Oracle software must be evaluated and patched against newly found vulnerabilities. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| WBLC-10-000999 - The version of Oracle WebLogic running on the system must be a supported version. | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
