| 1 - Application specific logging - ${jetty.base}/start.ini --module=logging | TNS Best Practice Jetty 9 Linux | Unix | |
| 1 - Remove or Disable Example Content - ExampleDS | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB 7 v1.1.0 L1 MongoDB | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB 7 v1.1.0 L1 MongoDB | Windows | CONFIGURATION MANAGEMENT |
| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | SYSTEM AND SERVICES ACQUISITION |
| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB 6 v1.2.0 L1 MongoDB | Windows | CONFIGURATION MANAGEMENT |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.websocket.LEVEL=DEBUG | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1 Ensure Authentication is configured | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Ensure Authentication is configured | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Ensure Authentication is configured | CIS MongoDB 6 v1.2.0 L1 MongoDB | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that authorization is enabled for Cassandra databases | CIS Apache Cassandra 3.11 L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 2.02 Version/Patches - 'Ensure the latest version of Oracle software and patches have been applied' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 3 - Audit Logging - Handler | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file deletion events' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed login/logout events' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.8 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120' | CIS Oracle Database 23ai v1.0.0 L1 RDBMS | OracleDB | ACCESS CONTROL |
| 3.19 Only enable SNMP if absolutely necessary - Ensure file /etc/rc3.d/S76snmpdx does NOT exist. | CIS Solaris 9 v1.3 | Unix | CONFIGURATION MANAGEMENT |
| 4.1 Ensure Encryption of Data in Transit TLS/SSL (Transport Encryption) | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1 Ensure TLS or SSL protects all network communications | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.6 (L1) Host must enable audit record logging | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 5 - Granular Log Levels | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 5.7.1 Enable Security Posture | CIS Google Kubernetes Engine (GKE) Autopilot v1.1.0 L2 | GCP | CONFIGURATION MANAGEMENT |
| 7 - File system permissions of log files | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9 - Deployment Scanner | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 12 - Remove and mask informational headers - JSP Configuration | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 12.18 Location of development database - 'Separate server from production database' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 12.18 Location of development database - 'Separate server from production database' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 12.32 Distribution of tnsnames.ora files to clients - 'Include only tnsnames.ora when distributing to clients' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 12.32 Distribution of tnsnames.ora files to clients - 'Include only tnsnames.ora when distributing to clients' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 13 - Restrict access to temp directory - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 14 - Restrict access to binaries directory - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 15 - Restrict access to web application directory - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 17 - Restrict access to JETTY.properties - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 17 - Setup a security domain | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 18 - Role Based Authentication per queue | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/balancer | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/webdav | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 29 - Ensure secure is set to true only for SSL-enabled Connectors | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 31 - Starting with Security Manager | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000630 - MongoDB must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75% of maximum audit record storage capacity. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | AUDIT AND ACCOUNTABILITY |
| MD4X-00-005000 - MongoDB must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75 percent of maximum audit record storage capacity. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-030201 - The Oracle Linux operating system must be configured to off-load audit logs onto a different system or storage media from the system being audited. | DISA Oracle Linux 7 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030201 - The Red Hat Enterprise Linux operating system must be configured to off-load audit logs onto a different system or storage media from the system being audited. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
