| 1 - Application specific logging | TNS Best Practice Jetty 9 Linux | Unix | |
| 1 - Application specific logging - start.jar --module=logging | TNS Best Practice Jetty 9 Linux | Unix | |
| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB Database Audit L1 v1.0.0 | MongoDB | CONFIGURATION MANAGEMENT |
| 2 - Remove or Disable Example Content - enable-welcome-root | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.LEVEL=INFO | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.util.log.class=org.eclipse.jetty.util.log.StrErrLog | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2 - Specify file handler in jetty-logging.properties files - org.eclipse.jetty.websocket.LEVEL=DEBUG | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1 Ensure Authentication is configured | CIS MongoDB 7 v1.2.0 L1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Ensure Authentication is configured | CIS MongoDB 7 v1.2.0 L1 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3 - Audit Logging - Handler | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3 - Configure log file size limit - Settings | TNS Best Practice Jetty 9 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file deletion events' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.8 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120' | CIS Oracle Database 23ai v1.1.0 L1 RDBMS | OracleDB | ACCESS CONTROL |
| 4 - Restrict access to $JETTY_HOME - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 4 - Send logs to a remote server | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 5 - Granular Log Levels | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 6 - Encryption | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6 - Run your Instance as non privileged user | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| 7 - File system permissions of log files | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 7 - SSL implementation - start.ini --module=https | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7 - SSL implementation - start.jar --module=https | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.23 (L1) Virtual machines must restrict sharing of memory pages with other VMs | CIS VMware ESXi 8.0 v1.3.0 L1 VMware | VMware | CONFIGURATION MANAGEMENT |
| 8 - Secure Datasources | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 9 - Deployment Scanner | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 11 - Access Control - JAAS | TNS Best Practice Jetty 9 Linux | Unix | |
| 12 - Restrict access to logs directory - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 13 - Restrict access to temp directory - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 14 - Restrict access to binaries directory - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 14 - Restrict access to binaries directory - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 15 - Authentication | TNS Best Practice JBoss 7 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| 15 - Restrict access to web application directory - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 15 - Restrict access to web application directory - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 16 - Restrict access to JETTY.policy - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 16 - Restrict access to JETTY.policy - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 17 - Setup a security domain | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 18 - Restrict access to context.xml - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 19 - Restrict access to logging.properties - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 20 - Enable Encryption | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20 - Restrict access to server.xml - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 20 - Restrict access to server.xml - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 21 - Restrict access to users.xml - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/balancer | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/servlet-example | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 25 - Disable Unused Connectors | TNS Best Practice Jetty 9 Linux | Unix | |
| 26 - Setup Client-cert Authentication | TNS Best Practice Jetty 9 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| 31 - Starting with Security Manager | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 32 - Disabling auto deployment of applications | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 33 - Disable deploy on startup of applications | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 42 - Do not allow cross context requests | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 43 - Do not resolve hosts on logging valves - CONTEXT_XML | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
