| 1.1.1.3 Ensure hfsplus kernel module is not available | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.1.2 Ensure nodev option set on /tmp partition | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.2.3 Ensure nosuid option set on /dev/shm partition | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.7.1 Ensure separate partition exists for /var/log/audit | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 1.2.1 (L2) Ensure 'AllowedExtensions' is configured | CIS Visual Studio Code GPO v1.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 1.4.1.1 Ensure SELinux is installed | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.5.8 Ensure kernel.randomize_va_space is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1 Ensure message of the day is configured properly | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.8 Ensure message access server services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure print server services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.16 Ensure tftp server services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.17 Ensure web proxy server services are not in use | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.22 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.28 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | AUDIT AND ACCOUNTABILITY |
| 2.2.29 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.30 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.30 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE, RESTRICTED SERVICES\PrintSpoolerService' | CIS Microsoft Windows Server 2025 v2.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.31 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows Server 2016 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.31 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.3.3 Ensure nis client is not installed | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.3.5 Ensure tftp client is not installed | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.1.1 Ensure IPv6 status is identified | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1.1 Ensure net.ipv4.ip_forward is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.2.3 Ensure net.ipv6.conf.all.accept_redirects is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.2.4 Ensure net.ipv6.conf.default.accept_redirects is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 5.2.4 Ensure sshd access is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.5 Ensure sshd Banner is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 5.2.16 Ensure sshd MaxAuthTries is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.3 Ensure sudo log file exists | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4.2.2.5 Ensure password same consecutive characters is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.2.3.3 Ensure password history is enforced for the root user | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.3 Ensure password expiration warning days is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.3.3 Ensure default user umask is configured | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 7.12 Ensure TLS Cipher Suite ordering is Configured | CIS IIS 10 v1.2.1 Level 2 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.4.15 (L2) Ensure Unity is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.20 (L2) Ensure memSchedFakeSampleStats is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 18.9.25.1 (L1) Ensure 'EMET 5.52' or higher is installed | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.25.1 (L1) Ensure 'EMET 5.52' or higher is installed | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-054030 - AlmaLinux OS 9 audit system must take appropriate action when an error writing to the audit storage volume occurs. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-054250 - AlmaLinux OS 9 must take appropriate action when a critical audit processing failure occurs. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| CISC-ND-000090 - The Cisco switch must be configured to automatically audit account creation. | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | ACCESS CONTROL |
| CISC-ND-000110 - The Cisco switch must be configured to automatically audit account disabling actions. | DISA Cisco NX OS Switch NDM STIG v3r6 | Cisco | ACCESS CONTROL |
| Configuration files should be secured against unauthorized access. | TNS IBM HTTP Server Best Practice Middleware | Unix | |
| Configuration files should be secured against unauthorized access. | TNS IBM HTTP Server Best Practice | Windows | |
| Logs containing auditing information should be secured at the directory level. | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| Logs containing auditing information should be secured at the directory level. | TNS IBM HTTP Server Best Practice Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000232 - A public OHS server must use TLS if authentication is required to host web sites - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
