| 1 - Application specific logging - ${jetty.base}/start.ini --module=logging | TNS Best Practice Jetty 9 Linux | Unix | |
| 1 - Remove or Disable Example Content - ExampleDS | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 1.174 WN16-DC-000300 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT I | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3 - Audit Logging - Handler | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.7 Ensure 'log_truncate_on_rotation' is enabled | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 4.4 Rebuild the images to include security patches | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.5 Ensure The Latest Version of The Password File Is Used | CIS Oracle Database 23ai v1.1.0 L1 RDBMS | OracleDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5 - Granular Log Levels | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 7 - File system permissions of log files | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9 - Deployment Scanner | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 12 - Remove and mask informational headers - JSP Configuration | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 17 - Setup a security domain | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 18 - Role Based Authentication per queue | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| Adtran : Disable SSLv2 | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Enable NTP | TNS Adtran AOS Best Practice Audit | Adtran | |
| Adtran : Enable service password-encryption | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Encrypt enable password | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Ensure DHCP is Disabled unless needed | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Ensure the log level is set at an appropriate setting | TNS Adtran AOS Best Practice Audit | Adtran | AUDIT AND ACCOUNTABILITY |
| Adtran : Set 'login' Banner | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : SNMP 'PUBLIC' community string not used | TNS Adtran AOS Best Practice Audit | Adtran | IDENTIFICATION AND AUTHENTICATION |
| Adtran : Web Session Timeout <= 900 secs | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Buffer overflow protection should be configured 'LimitRequestBody' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CGI-BIN directory should be disabled. 'Addmodule mod_cgi.c' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'ScriptAlias' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteCond' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteEngine' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteRule' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteRule' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Huawei: Disable FTP IPV4 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Disable FTP IPV6 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Disable Telnet on IPV6 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Require service timestamp | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: SSH Max Retries <= 3 | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: User Interfaces are Authenticated | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: User Interfaces Configured Inbound SSH | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Keep Alive setting parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Keep Alive Timeout setting value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| Logging Directives should be restricted to authorized users. - 'CustomLog logs/access_log combined' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| MaxClients parameter value should be configured to appropriate value. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Non-Essential modules should be disabled. 'mod_dav' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-013900 - Oracle Database must enforce the DOD standards for password complexity. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-013900 - The DBMS must support organizational requirements to enforce minimum password length. | DISA STIG Oracle 12c v3r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014200 - The DBMS must support organizational requirements to enforce password complexity by the number of lowercase characters used. | DISA STIG Oracle 12c v3r5 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| Server version information parameters should be turned off - 'ServerSignature Off' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Server version information parameters should be turned off - 'ServerTokens Prod' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| StartServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Timeout value parameter value should be appropriately configured | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| WN12-PK-000007-DC - PKI certificates associated with user accounts must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
