| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 7 v1.2.0 L1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 8 v1.0.0 L1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 8 v1.0.0 L1 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3 Ensure authentication is enabled in the sharded cluster - authenticationMechanisms | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - authenticationMechanisms | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - CAFile | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - clusterAuthMode | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - clusterFile | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - PEMKeyFile | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB 3.2 L2 Unix Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB 3.4 L2 Unix Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.4 Ensure SQL Authentication is not used in contained databases | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.1.4.1 Ensure Audit logs are owned by root and mode 0600 or less permissive | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 7 v1.2.0 L1 Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 6 v1.2.0 L1 MongoDB | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 7 v1.2.0 L1 Unix | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 8 v1.0.0 L1 Unix | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.5.2 (L1) Host SSH daemon, if enabled, must use FIPS 140-2/140-3 validated cryptographic modules | CIS VMware ESXi 8.0 v1.3.0 L1 Unix | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure mod_ssl and/or mod_nss Is Installed | CIS Apache HTTP Server 2.4 v2.3.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Device Info | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Device Version | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| AS24-W1-000020 - The Apache web server must perform server-side session management - session_module | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | ACCESS CONTROL |
| DISA_STIG_Apache_Server-2.4_Windows_v2r3.audit from DISA Apache Server 2.4 Windows Server v2r3 STIG | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | |
| DISA_STIG_Apache_Site-2.4_Windows_v2r2.audit from DISA Apache Server 2.4 Windows Site v2r2 STIG | DISA Apache Server 2.4 Windows Site STIG v2r2 | Windows | |
| DKER-EE-001840 - Experimental features in the Docker Engine - Enterprise component of Docker Enterprise must be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| EX13-EG-000260 - The Exchange Simple Mail Transfer Protocol (SMTP) Sender filter must be enabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000520 - The Exchange Simple Mail Transfer Protocol (SMTP) Sender filter must be enabled. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000139 - The Exchange Simple Mail Transfer Protocol (SMTP) Sender filter must be enabled. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Extreme : Device Info | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | CONFIGURATION MANAGEMENT |
| Extreme : License Info | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | CONFIGURATION MANAGEMENT |
| Extreme : switch Info | TNS Extreme ExtremeXOS Best Practice Audit | Extreme_ExtremeXOS | CONFIGURATION MANAGEMENT |
| Huawei: HTTPS Server is configured | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: HTTPS Server is not configured | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Review Device Info/Version | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| MD4X-00-000200 - The audit information produced by MongoDB must be protected from unauthorized access. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | AUDIT AND ACCOUNTABILITY |
| MD4X-00-001550 - MongoDB must limit the total number of concurrent connections to the database. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | ACCESS CONTROL |
| MD4X-00-004800 - MongoDB must utilize centralized management of the content captured in audit records generated by all components of MongoDB. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | AUDIT AND ACCOUNTABILITY |
| vCenter: vcenter-8.administration-sso-password-lifetime | VMware vSphere Security Configuration and Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| vCenter: vcenter-8.vami-administration-password-expiration | VMware vSphere Security Configuration and Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| WatchGuard : Review ABS Policy Listing | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
