| 1.5 Ensure that VDS Netflow traffic is only being sent to authorized collector IP Addresses | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 1.6 Restrict port-level configuration overrides on vDS | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 2.2 Dedicate the Machine Running MySQL | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.1 Ensure Binary and Relay Logs are Encrypted | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Do not use default self-signed certificates for ESXi communication | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 2.5 Enable SSL for Network File copy (NFC) | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 Require Current Password for Password Reset | CIS Oracle MySQL Community Server 8.4 v1.0.0 L2 Database | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.9 Require Current Password for Password Reset | CIS MySQL 8.0 Community Database L2 v1.1.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.9 Require Current Password for Password Reset | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.4 Configure remote logging for ESXi hosts | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_CONNECT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_inetd_connect : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKCONNECT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Use Active Directory for local user authentication - Review Domain | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| 4.8 Ensure the 'secure_file_priv' is Configured Correctly | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1 Disable DCUI to prevent local administrative control | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 5.1 Ensure redundant NTP servers are configured appropriately | CIS F5 Networks v1.0.0 L1 | F5 | AUDIT AND ACCOUNTABILITY |
| 5.1 Set Sticky Bit on World Writable Directories | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.1 Specify a Secure Connection Authentication Type (SRVCON_AUTH) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL |
| 5.3 Disable SSH | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 6.7 Ensure That Cloud SQL Database Instances Are Configured With Automated Backups | CIS Google Cloud Platform v3.0.0 L1 | GCP | CONTINGENCY PLANNING |
| 7.1 Ensure default_authentication_plugin is Set to a Secure Option | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1.1 Disable VDS network healthcheck if not used | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 7.1.3 Ensure that the Promiscuous Mode policy is set to reject | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1.5 Ensure that VDS Port Mirror traffic is only being sent to authorized collector ports or VLANs | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | |
| 8.2.5 Disconnect unauthorized devices - USB Devices | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | MEDIA PROTECTION |
| 8.2.6 Prevent unauthorized removal, connection, and modification of devices | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
| 8.4.1 Control access to VMs through the dvfilter network APIs | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | ACCESS CONTROL |
| 8.4.7 Disable Guest Host Interaction Protocol Handler | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.10 Disable Unity Window Contents | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.25 Disable VM Console Copy operations | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.27 Disable VM Console and Paste GUI Options | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.6.1 Avoid using nonpersistent disks | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | AUDIT AND ACCOUNTABILITY |
| 8.7.2 Disable VIX messages from the VM | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.3 Do not send host information to guests | CIS VMware ESXi 5.1 v1.0.1 Level 1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.1 Ensure All Group Replication Traffic is Secured | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS VMware ESXi 5.5 v1.2.0 Level 2 | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | |
| ESXi : config-snmp - 'snmp.receiver.X.enabled' | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| MYS8-00-000100 - MySQL Database Server 8.0 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | ACCESS CONTROL |
| MYS8-00-005200 - If passwords are used for authentication, the MySQL Database Server 8.0 must transmit only encrypted representations of passwords. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
