| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG DC & MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.7.10 Ensure 'Interactive logon: Smart card removal behavior' is set to 'Lock Workstation' or 'Force Logoff' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| OL6-00-000004 - The system must use a separate file system for the system audit data path. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000005 - The audit system must alert designated staff members when the audit storage volume approaches capacity. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000025 - All device files must be monitored by the system Linux Security Module. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000033 - The /etc/shadow file must be owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000034 - The /etc/shadow file must be group-owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000035 - The /etc/shadow file must have mode 0000. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000036 - The /etc/gshadow file must be owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000046 - Library files must be owned by a system account - '/usr/local/lib64' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000047 - All system command files must have mode 755 or less permissive - '/usr/bin' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000048 - All system command files must be owned by root - '/sbin' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000048 - All system command files must be owned by root - '/usr/sbin' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000061 - The system must disable accounts after three consecutive unsuccessful logon attempts - password-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000063 - The system must use a FIPS 140-2 approved cryptographic hashing algorithm for generating account password hashes (login.defs) - login.defs. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000068 - The system boot loader must require authentication. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000071 - The system must be configured so all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000079 - The system must limit the ability of processes to have simultaneous write and execute access to memory. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000084 - The system must not accept ICMPv4 redirect packets on any interface. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000090 - The system must not accept ICMPv4 secure redirect packets by default. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000099 - The system must ignore ICMPv6 redirects by default. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000154 - The operating system must produce audit records containing sufficient information to establish what type of events occurred - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000161 - The system must rotate audit log files that reach the maximum file size. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000171 - The audit system must be configured to audit all attempts to alter system time through clock_settime - b32 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000174 - The operating system must automatically audit account creation - '/etc/security/opasswd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/security/opasswd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000289 - The netconsole service must be disabled unless required - 'Running' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000289 - The netconsole service must be disabled unless required - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000293 - Wireless network adapters must be disabled. | DISA STIG Oracle Linux 6 v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000296 - All accounts on the system must have unique user or account names. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000305 - The operating system must provide a near real-time alert when any of the organization defined list of compromise or potential compromise indicators occurs. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000313 - The audit system must identify staff members to receive notifications of audit log storage volume capacity issues. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000315 - The Bluetooth kernel module must be disabled - 'bluetooth' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000337 - All public directories must be owned by a system account. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000341 - The snmpd service must not use a default password. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000344 - The system default umask in /etc/profile must be 077. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000357 - The system must disable accounts after excessive login failures within a 15-minute interval - system-auth fail_interval | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000384 - Audit log files must be owned by root. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000505 - The operating system must conduct backups of system-level information contained in the information system per organization defined frequency to conduct backups that are consistent with recovery time and recovery point objectives. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000508 - The system must allow locking of graphical desktop sessions. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000516 - The system package management tool must verify ownership on all files and directories associated with packages. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000519 - The system package management tool must verify contents of all files associated with packages. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000524 - The system must provide automated support for account management functions. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000527 - The login user list must be disabled. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000535 - The Oracle Linux operating system must restrict privilege elevation to authorized personnel - sudoers | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000536 - The Oracle Linux operating system must use the invoking user's password for privilege escalation when using 'sudo' - runaspw | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000537 - The Oracle Linux operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000538 - The Oracle Linux operating system must not have accounts configured with blank or null passwords. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
