| 1.174 WN16-DC-000300 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT I | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3 - Configure log file size limit - Settings | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.5 Ensure the filename pattern for log files is set correctly | CIS PostgreSQL 14 DB v 1.3.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 7 - SSL implementation - start.ini --module=https | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7 - SSL implementation - start.jar --module=https | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20 - Restrict access to server.xml - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/servlet-example | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 32 - Disabling auto deployment of applications | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 42 - Do not allow cross context requests | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 43 - Do not resolve hosts on logging valves - CONTEXT_XML | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| Buffer overflow protection should be configured 'LimitRequestBody' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| CGI-BIN directory should be disabled. 'AddModule mod_env.c' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'AddModule mod_env.c' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'ScriptAlias' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Directory access permissions should be restricted. | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| EPAS-00-001100 - The EDB Postgres Advanced Server must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| HTTP TRACE method should be disabled. 'TraceEnable' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Huawei: Command Levels Not Changed | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Device clock = UTC | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Disable FTP IPV4 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Disable Telnet on IPV4 | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Enable AAA authorization | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: Enable SSH | TNS Huawei VRP Best Practice Audit | Huawei | SYSTEM AND COMMUNICATIONS PROTECTION |
| Huawei: External Syslog server is configured | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: NTP is enabled | TNS Huawei VRP Best Practice Audit | Huawei | AUDIT AND ACCOUNTABILITY |
| Huawei: Set appropriate 'login' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set System Name | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Huawei: Simple Password Authentication is not used. | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: SNMP Community string != public | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: SSH Max Retries <= 3 | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Keep Alive Timeout setting value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| Logging Directives should be restricted to authorized users. - 'LogFormat' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| Logs containing auditing information should be secured at the directory level. | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| MaxClients parameter value should be configured to appropriate value. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxSpareServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-002700 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized modification. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-002800 - The audit information produced by the EDB Postgres Advanced Server must be protected from unauthorized deletion. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| PPS9-00-003000 - The EDB Postgres Advanced Server must protect its audit configuration from unauthorized modification. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| Server version information parameters should be turned off - 'ServerTokens Prod' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| User IDs which disclose the privileges associated with it, should not be created. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| WatchGuard : Authentication Settings - 'Management User Idle Timeout' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | ACCESS CONTROL |
| WatchGuard : DoS Prevention - Block Port Space Probes | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop ICMP Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : DoS Prevention - Drop IPSEC Flood Attack | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |
| WatchGuard : IPS Logging Threat Level Medium - Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : LDAP Server Name | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | IDENTIFICATION AND AUTHENTICATION |
| WatchGuard : Logging - Review Remote Logging Server Address | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : Single Sign-On - 'Enabled' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | IDENTIFICATION AND AUTHENTICATION |
| WatchGuard : SNMP Configuration - community string - 'private' | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | IDENTIFICATION AND AUTHENTICATION |
| WN22-DC-000290 - Windows Server 2022 domain controller PKI certificates must be issued by the DOD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
