| 1.3 Ensure Installation of Community Packages | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4 - Restrict access to $JETTY_HOME - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 4 - Send logs to a remote server | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 5 - Authentication | TNS Best Practice Jetty 9 Linux | Unix | |
| 7 - SSL implementation - start.jar --module=https | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10 - Access Control - Security Realms | TNS Best Practice Jetty 9 Linux | Unix | |
| 18 - Restrict access to context.xml - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 18 - Restrict access to context.xml - owner | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 19 - Cluster Authentication | TNS Best Practice JBoss 7 Linux | Unix | ACCESS CONTROL |
| 21 - Restrict access to users.xml - mode | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| 22 - Use secure Realms | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 24 - Remove extraneous files and directories - $JETTY_BASE/webapps/js-examples | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 26 - Setup Client-cert Authentication | TNS Best Practice Jetty 9 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| 30 - Ensure sslProtocol is set to TLS for Secure Connector | TNS Best Practice Jetty 9 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 43 - Do not resolve hosts on logging valves - CONTEXT_XML | TNS Best Practice Jetty 9 Linux | Unix | CONFIGURATION MANAGEMENT |
| 45 - Restrict runtime access to sensitive packages | TNS Best Practice Jetty 9 Linux | Unix | ACCESS CONTROL |
| Adtran : Disable TFTP | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Enable firewall syn-flood detection | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
| Adtran : Forward logs to syslog server | TNS Adtran AOS Best Practice Audit | Adtran | AUDIT AND ACCOUNTABILITY |
| Adtran : List enabled interfaces | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Adtran : Set 'exec' Banner | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : SNMPv3 is used | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| Buffer overflow protection should be configured 'LimitRequestBody' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-007800 - PostgreSQL must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| CD12-00-009100 - Access to external executables must be disabled or restricted. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'AddModule mod_env.c' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'LoadModule cgi_module' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'LoadModule env_module' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'ScriptAlias' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Configuration files should be secured against unauthorized access. | TNS IBM HTTP Server Best Practice | Windows | |
| Configuration files should be secured against unauthorized access. | TNS IBM HTTP Server Best Practice | Unix | |
| File permissions in the root document should only be accessible by administrator | TNS IBM HTTP Server Best Practice | Unix | |
| HTTP TRACE method should be disabled. 'RewriteLogLevel' | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY |
| HTTP TRACE method should be disabled. 'TraceEnable' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Huawei: User Interfaces are Authenticated | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: User Interfaces Configured Inbound SSH | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| Latest Patches/Fixes should be installed | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Latest Patches/Fixes should be installed | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Limit HTTP methods allowed by the Web Server. | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Logging Directives should be restricted to authorized users. - 'CustomLog logs/access_log combined' | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY |
| Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log' | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY |
| Logging Directives should be restricted to authorized users. - 'LogFormat' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| Logs containing auditing information should be secured at the directory level. | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| MaxSpareServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MinSpareServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Non-Essential modules should be disabled. 'mod_info' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_info' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| PGS9-00-007800 - PostgreSQL must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| Server version information parameters should be turned off - 'ServerSignature Off' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| StartServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
