| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB 6 v1.2.0 L2 MongoDB | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB 7 v1.2.0 L2 Unix | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - CAFile | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - CAFile | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - clusterAuthMode | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster - clusterFile | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CIS MongoDB 3.2 L2 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB 3.4 L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB 3.2 L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 Ensure Auto-Scaling Launch Configuration for Web-Tier is configured to use an approved Amazon Machine Image | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | CONFIGURATION MANAGEMENT |
| 3.4 Ensure Auto-Scaling Launch Configuration for App-Tier is configured to use an approved Amazon Machine Image | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | CONFIGURATION MANAGEMENT |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS Microsoft SQL Server 2019 v1.5.2 L1 Database Engine | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine MS_SQLDB | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS Microsoft SQL Server 2025 v1.0.0 L1 AWS RDS MS_SQLDB | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Ensure Windows BUILTIN groups are not SQL Logins | CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption) | CIS MongoDB 8 v1.0.0 L1 Windows | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption) | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption) | CIS MongoDB 7 v1.2.0 L1 Windows | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Ensure Encryption of Data in Transit TLS or SSL (Transport Encryption) | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Ensure that system activity is audited | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 4 L1 OS Windows v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 8 v1.0.0 L1 Windows | Windows | AUDIT AND ACCOUNTABILITY |
| 12.03 Unix root group members on host - 'Disallow 'oracle' as a member of root group' | CIS v1.1.0 Oracle 11g OS L1 | Unix | ACCESS CONTROL |
| 81.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| AS24-W1-000020 - The Apache web server must perform server-side session management - session_module | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
| AS24-W1-000020 - The Apache web server must perform server-side session management - usertrack_module | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | ACCESS CONTROL |
| AS24-W1-000020 - The Apache web server must perform server-side session management - usertrack_module | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
| DG0007-ORACLE11 - The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0007-ORACLE11 - The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DKER-EE-001880 - The Docker Enterprise self-signed certificates in Docker Trusted Registry (DTR) must be replaced with DoD trusted, signed certificates. | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-001890 - The option in Universal Control Plane (UCP) allowing users and administrators to schedule containers on all nodes, including UCP managers and Docker Trusted Registry (DTR) nodes must be disabled in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | CONFIGURATION MANAGEMENT |
| MD3X-00-000620 - MongoDB must allocate audit record storage capacity in accordance with site audit record storage requirements. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | AUDIT AND ACCOUNTABILITY |
| MD4X-00-002200 - Database software, including DBMS configuration files, must be stored in dedicated directories, or DASD pools, separate from the host OS and other applications. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | CONFIGURATION MANAGEMENT |
| MD7X-00-002800 Database software, including DBMS configuration files, must be stored in dedicated directories, or DASD pools, separate from the host OS and other applications. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
