| 1.1.1.8 Ensure mounting of FAT filesystems is limited - modprobe | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Ensure Installation of Binary Packages | CIS PostgreSQL 10 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Ensure Installation of Binary Packages | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Ensure Installation of Binary Packages | CIS PostgreSQL 11 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Ensure Installation of Binary Packages | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2.4 Ensure Red Hat Network or Subscription Manager connection is configured | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.4 Ensure Red Hat Network or Subscription Manager connection is configured | CIS Red Hat 6 Server L1 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.1 Ensure only required modules are installed | CIS NGINX Benchmark v2.1.0 L2 Webserver | Unix | CONFIGURATION MANAGEMENT |
| 2.1.1 Ensure only required modules are installed | CIS NGINX Benchmark v2.1.0 L2 Loadbalancer | Unix | CONFIGURATION MANAGEMENT |
| 2.2 Enable IM groups is set to the organization's needs | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure time set is within appropriate limits | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | |
| 5.250 - Unsigned gadgets must not be installed. - TurnOffUnsignedGadgets | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 8.1.4 Set 'Allow installation of desktop items' to 'Enabled:Disable' | CIS IE 9 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.3.7 Set 'Allow installation of desktop items' to 'Enabled:Disable' | CIS IE 9 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 18.7.12 (L1) Ensure 'Point and Print Restrictions: When updating drivers for an existing connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| AIOS-02-090103 - Apple iOS device must have the latest available iOS operating system installed. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| Big Sur - Configure Automated Flaw Remediation | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure Automated Flaw Remediation | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Configure Automated Flaw Remediation | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Configure Automated Flaw Remediation | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/network/admin/listener.ora PROGRAM=EXTPROC does not exist' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0103-ORACLE11 - Network access to the DBMS must be restricted to authorized personnel - '$ORACLE_HOME/network/admin/cman.ora source and destination addresses are configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0108-ORACLE11 - The DBMS restoration priority should be assigned. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0115-ORACLE11 - Recovery procedures and technical system features exist to ensure that recovery is done in a secure and verifiable manner. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0118-ORACLE11 - The IAM should review changes to DBA role assignments. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0129-ORACLE11 - Passwords should be encrypted when transmitted across the network. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - 'Oracle listeners are running on approved ports' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0154-ORACLE11 - The DBMS requires a System Security Plan containing all required information. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0155-ORACLE11 - The DBMS should have configured all applicable settings to use trusted files, functions, features, or other components during startup, shutdown, aborts, or other unplanned interruptions. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0176-ORACLE11 - The DBMS audit logs should be included in backup operations. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0186-ORACLE11 - The database should not be directly accessible from public or unauthorized networks. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0194-ORACLE11 - Privileges assigned to developers on shared production and development DBMS hosts and the DBMS should be monitored every three months or more frequently for unauthorized changes. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'LOG_FILE_{listener} is configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'TRACE_LEVEL_SERVER' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DO6746-ORACLE11 - The Oracle listener.ora file should specify IP addresses rather than host names to identify hosts - '$ORACLE_HOME/network/admin/listener.ora HOST entroes do not use hostnames' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO6747-ORACLE11 - Remote administration should be disabled for the Oracle connection manager - '$ORACLE_HOME/network/admin/cman.ora REMOTE_ADMIN = no' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO6751-ORACLE11 - The SQLNet SQLNET.ALLOWED_LOGON_VERSION parameter must be set to a value of 11 or higher - '$ORACLE_HOME/network/admin/sqlnet.ora SQLNET.ALLOWED_LOGON_VERSION > 11' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure Automated Flaw Remediation | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCTR-67-000060 - The vCenter Server must enable revocation checking for certificate-based authentication. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-65-000049 - The vCenter Server for Windows must alert administrators on permission deletion operations. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VCWN-65-000050 - The vCenter Server for Windows must alert administrators on permission update operations. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | SYSTEM AND INFORMATION INTEGRITY |
