| 1.134 WN19-CC-000410 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.157 WN19-DC-000110 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT I | Windows | ACCESS CONTROL |
| 2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0' | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 2.2 Ensure 'CLR Enabled' Server Configuration Option is set to '0' | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 2.14 Ensure 'sa' Login Account is set to 'Disabled' | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | ACCESS CONTROL |
| 4.3.37 Restrict Access to SYSIBM.SYSSTMT | CIS IBM DB2 11 v1.2.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS Microsoft SQL Server 2019 v1.5.2 L1 AWS RDS | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | ACCESS CONTROL |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS Microsoft SQL Server 2022 v1.2.1 L1 AWS RDS | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS Microsoft SQL Server 2022 v1.2.1 L1 Database Engine | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3.1 Ensure 'DELETE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 6.1.6 Ensure the 'PUBLIC DATABASE LINK' Audit Option Is Enabled | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.26 Restrict Access to SYSCAT.STATEMENTS | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | ACCESS CONTROL |
| 18.9.33.1 Ensure 'Allow Clipboard synchronization across devices' is set to 'Disabled' | CIS Microsoft Windows Server 2022 v5.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.33.1 Ensure 'Allow Clipboard synchronization across devices' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v2.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.33.1 Ensure 'Allow Clipboard synchronization across devices' is set to 'Disabled' | CIS Microsoft Windows Server 2022 Stand-alone v2.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| CD12-00-000900 - PostgreSQL must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | ACCESS CONTROL |
| CIS_Azure_Compute_Microsoft_Windows_Server_2019_v1.0.0_NG_DC.audit from CIS Azure Compute Microsoft Windows Server 2019 Benchmark v1.0.0 | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG DC | Windows | |
| CIS_Azure_Compute_Microsoft_Windows_Server_2019_v1.0.0_NG_MS.audit from CIS Azure Compute Microsoft Windows Server 2019 Benchmark v1.0.0 | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG MS | Windows | |
| CIS_Microsoft_Windows_Server_2019_Stand-alone_v3.0.0_L1_MS.audit from CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | |
| DO6749-ORACLE11 - The Oracle SEC_MAX_FAILED_LOGIN_ATTEMPTS parameter should be set to an ISSO-approved value between 1 and 3 - 'sec_max_failed_login_attempts < 3' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
| EP11-00-005600 - In the event of a system failure, the DBMS must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O121-C2-007900 - The DBMS must produce audit records containing sufficient information to establish the identity of any user/subject or process associated with the event. | DISA Oracle Database 12c STIG v3r5 OracleDB | OracleDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-001200 - PostgreSQL must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | ACCESS CONTROL |
| SQL2-00-006400 - SQL Server must not grant users direct access to the Authenticate server permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL4-00-033600 - SQL Server must produce time stamps that can be mapped to Coordinated Universal Time (UTC, formerly GMT). | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 82 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 84 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 85 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 87 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 88 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 90 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 91 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 162 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - SCHEMA_OBJECT_ACCESS... | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 84 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 85 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 86 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 88 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 90 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQLI-22-003800 - SQL Server must be configured to use the most-secure authentication method available. | DISA Microsoft SQL Server 2022 Instance STIG v1r3 MS_SQLDB | MS_SQLDB | ACCESS CONTROL |
| SQLI-22-010000 - Access to database files must be limited to relevant processes and to authorized, administrative users. | DISA Microsoft SQL Server 2022 Instance STIG v1r3 MS_SQLDB | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLI-22-010900 - SQL Server must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | DISA Microsoft SQL Server 2022 Instance STIG v1r3 MS_SQLDB | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQLI-22-011000 - SQL Server must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75 percent of maximum audit record storage capacity. | DISA Microsoft SQL Server 2022 Instance STIG v1r3 MS_SQLDB | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
