| 1.8 Audit docker daemon | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.websocket.LEVEL=DEBUG | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists in web application | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler exists inin default | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web application | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in default | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in web application | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 20.31 Ensure 'Host-based firewall is installed and enabled' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.71 Ensure 'Windows PowerShell 2.0' is 'not installed' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| CISC-ND-001450 - The Cisco switch must be configured to send log data to at least two central log servers for the purpose of forwarding alerts to the administrators and the information system security officer (ISSO). | DISA Cisco NX OS Switch NDM STIG v3r3 | Cisco | AUDIT AND ACCOUNTABILITY |
| DTBI670 - Scripting of Java applets must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI670-IE11 - Scripting of Java applets must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| OL6-00-000004 - The system must use a separate file system for the system audit data path. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000005 - The audit system must alert designated staff members when the audit storage volume approaches capacity. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000025 - All device files must be monitored by the system Linux Security Module. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000033 - The /etc/shadow file must be owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000034 - The /etc/shadow file must be group-owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000035 - The /etc/shadow file must have mode 0000. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000036 - The /etc/gshadow file must be owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000046 - Library files must be owned by a system account - '/usr/local/lib64' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000047 - All system command files must have mode 755 or less permissive - '/usr/bin' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000048 - All system command files must be owned by root - '/sbin' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000048 - All system command files must be owned by root - '/usr/sbin' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000061 - The system must disable accounts after three consecutive unsuccessful logon attempts - password-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000063 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes (login.defs) - login.defs. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000068 - The system boot loader must require authentication. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000071 - The system must be configured so all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000079 - The system must limit the ability of processes to have simultaneous write and execute access to memory. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000084 - The system must not accept ICMPv4 redirect packets on any interface. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000090 - The system must not accept ICMPv4 secure redirect packets by default. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000099 - The system must ignore ICMPv6 redirects by default. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000154 - The operating system must produce audit records containing sufficient information to establish what type of events occurred - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000161 - The system must rotate audit log files that reach the maximum file size. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000171 - The audit system must be configured to audit all attempts to alter system time through clock_settime - b32 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000174 - The operating system must automatically audit account creation - '/etc/security/opasswd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/security/opasswd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000182 - The audit system must be configured to audit modifications to the systems network configuration - '/etc/issue.net' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000183 - The audit system must be configured to audit modifications to the systems Mandatory Access Control (MAC) configuration (SELinux) - SELinux | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000184 - The audit system must be configured to audit all discretionary access control permission modifications using chmod, fchmod, and fchmodat - b64 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000185 - The audit system must be configured to audit all discretionary access control permission modifications using chown, fchown, fchownat, and lchown - b32 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000190 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr, lsetxattr, fsetxattr, removexattr, lremovexattr, and fremovexattr - b32 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b64 EACCES auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000199 - The audit system must be configured to audit successful file system mounts - b64 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLU-70-000006 - Lookup Service must generate log records for system startup and shutdown. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCUI-70-000006 - vSphere UI must generate log records for system startup and shutdown. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
