| 1.3 Verify no unauthorized kernel modules are loaded on the host | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 2.1 Configure NTP time synchronization | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 2.1.2 Verify Backups are Good | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0 | Unix | CONTINGENCY PLANNING |
| 2.1.4 The Backups Should be Properly Secured | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 The Backups Should be Properly Secured | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0 | Unix | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Configure the ESXi host firewall to restrict access to services running on the host | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
| 2.2 Dedicate the Machine Running MySQL | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 Require Current Password for Password Reset | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.1 Configure a centralized location to collect ESXi host core dumps | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 3.2 Configure Host Profiles to monitor and alert on configuration changes | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FACLSET : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FCHMOD : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FCHOWN : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_FCHOWN : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Establish a password policy for password complexity | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.4 Use Active Directory for local user authentication - Enabled = 'true' | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - --skip-grant-tables | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - /etc/my.cnf | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - /etc/mysql/my.cnf | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - %PROGRAMDATA%\MySQL\MySQL Server 5.6\my.ini Exists | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - %WINDIR%\my.ini | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - C:\my.cnf | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - C:\my.cnf | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - MYSQL_INSTALL\my.cnf | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - MYSQL_INSTALL\my.ini | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - SYSCONFDIR/my.cnf | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Verify Active Directory group membership for the 'ESX Admins' group | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
| 5.4 Enable lockdown mode to restrict remote access | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 5.5 Remove keys from SSH authorized_keys file | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 6.2 Ensure uniqueness of CHAP authentication secrets | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 6.4 Ensure 'log-raw' Is Set to 'OFF' - /etc/my.cnf | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | MEDIA PROTECTION |
| 6.4 Ensure 'log-raw' Is Set to 'OFF' - MYSQL_INSTALL\my.ini | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | MEDIA PROTECTION |
| 6.6 Ensure ALL Events are Audited | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 7.1 Ensure default_authentication_plugin is Set to a Secure Option | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure 'sql_mode' Contains 'NO_AUTO_CREATE_USER' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 7.3 Ensure Passwords Are Not Stored in the Global Configuration | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure Passwords Are Not Stored in the Global Configuration - %PROGRAMDATA%\MySQL\MySQL Server 5.6\my.ini | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure Passwords Are Not Stored in the Global Configuration - %PROGRAMDATA%\MySQL\MySQL Server 5.6\my.ini | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3.1 Ensure that the vSwitch Forged Transmits policy is set to reject | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3.1 Disable unnecessary or superfluous functions inside VMs | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 8.4.2 Control VMsafe Agent Address | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.3 Control VMsafe Agent Port | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.6 Disable BIOS BBS | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.9 Disable Unity Active | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.11 Disable Unity Push Update | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.16 Disable Trash Folder State | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.18 Disable Unity | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.22 Disable Guest Host Interaction Launch Menu | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.5.1 Prevent virtual machines from taking over resources - Num CPU Shares | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-009000 - The MySQL Database Server 8.0 must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
