| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.4 Ensure overlay kernel module is not available | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Red Hat Enterprise Linux 8 v4.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Ubuntu Linux 22.04 LTS v3.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS AlmaLinux OS 10 v1.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Debian Linux 13 v1.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Debian Linux 13 v1.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Ubuntu Linux 22.04 LTS v3.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Red Hat Enterprise Linux 10 v1.0.1 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Rocky Linux 10 v1.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Linux Mint 22 v1.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Rocky Linux 8 v3.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Rocky Linux 10 v1.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Oracle Linux 10 v1.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Oracle Linux 10 v1.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Rocky Linux 8 v3.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS AlmaLinux OS 8 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Oracle Linux 8 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Oracle Linux 8 v4.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS Red Hat Enterprise Linux 8 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure overlay kernel module is not available | CIS AlmaLinux OS 10 v1.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.7 Ensure squashfs kernel module is not available | CIS Debian Linux 12 v1.1.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.7 Ensure squashfs kernel module is not available | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.7 Set default ulimit as appropriate - default-ulimit | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Set default ulimit as appropriate '--default-ulimit' | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4.4.1.2 Ensure nftables is not installed | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.1.1 Ensure ufw is installed | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.6.1.1 Ensure Uncomplicated Firewall is installed | CIS Debian Family Server L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.6.1.1 Ensure Uncomplicated Firewall is installed | CIS Debian Family Workstation L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host | CIS Debian 9 Server L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Debian Linux 10 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Amazon Linux 2 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.6 Ensure rsyslog is configured to send logs to a remote log host | CIS AlmaLinux OS 8 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Rocky Linux 8 v3.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Oracle Linux 8 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.6 Ensure rsyslog is configured to send logs to a remote log host | CIS AlmaLinux OS 8 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 7.7 Ensure Firewall is active - iptables | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Ensure Firewall is active - iptables-persistent | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Ensure Firewall is active - iptables-persistent run level 3 | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Ensure Firewall is active - iptables-persistent run level 4 | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Ensure Firewall is active - iptables-persistent run level 5 | CIS Debian Linux 7 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AZLX-23-002020 - Amazon Linux 2023 must use a separate file system for the system audit data path. | DISA Amazon Linux 2023 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AZLX-23-002455 - Amazon Linux 2023 must automatically lock an account when three unsuccessful logon attempts occur. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| AZLX-23-002590 - Amazon Linux 2023 must mount /dev/shm with the nosuid option. | DISA Amazon Linux 2023 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| Ensure mounting of squashfs filesystems is disabled - lsmod | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN000360 - Group Identifiers (GIDs) reserved for system accounts must not be assigned to non-system groups. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000080 - The Photon operating system must initiate session audits at system startup. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-40-000182 - The Photon operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
