| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 15 OS v1.1.0 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.3 Ensure Installation of Community Packages | CIS PostgreSQL 10 OS v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.6 Ensure 'SQLNET.ENCRYPTION_CLIENT Is Set To 'REQUIRED' | CIS Oracle Database 23ai v1.0.0 L1 RDBMS On Linux Host OS | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.6 Ensure 'SQLNET.ENCRYPTION_CLIENT Is Set To 'REQUIRED' | CIS Oracle Database 23ai v1.0.0 L1 RDBMS On Windows Server Host OS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.3 Ensure the logging collector is enabled | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.5 Ensure the filename pattern for log files is set correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.11 Ensure the program name for PostgreSQL syslog messages is correct | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.11 Ensure the program name for PostgreSQL syslog messages is correct | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.13 Ensure the program name for PostgreSQL syslog messages is correct | CIS PostgreSQL 12 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.13 Ensure the program name for PostgreSQL syslog messages is correct | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.13 Ensure the program name for PostgreSQL syslog messages is correct | CIS PostgreSQL 15 DB v1.1.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 15 OS v1.1.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 11 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 10 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 16 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly - /etc/sudoers.d/postgres | CIS PostgreSQL 12 OS v1.1.0 | Unix | ACCESS CONTROL |
| 4.2 Ensure sudo is configured correctly | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | Unix | ACCESS CONTROL |
| 5.6 Ensure Password Complexity is configured | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| 9.6 Configure 'Do not display the reveal password button' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 9.6 Ensure root PATH Integrity - writeable dir in path | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.6 Ensure root PATH Integrity - writeable dir in path | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.6 Ensure root PATH Integrity, No '.' In root's $PATH | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CGI-BIN directory should be disabled. 'Directory' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'LoadModule cgi_module' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'LoadModule env_module' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'ScriptAlias' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| Directory access permissions should be restricted. | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| EPAS-00-009200 - The EDB Postgres Advanced Server must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-009300 - The EDB Postgres Advanced Server must implement cryptographic mechanisms preventing the unauthorized disclosure of organization-defined information at rest on organization-defined information system components. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi.firewall-restrict-access | VMWare vSphere 6.5 Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000160 - Exchange Message size restrictions must be controlled on Receive connectors. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000320 - Exchange Message size restrictions must be controlled on Receive connectors. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000320 - Exchange Message size restrictions must be controlled on Receive connectors. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-ED-000120 - Exchange Message size restrictions must be controlled on receive connectors. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| HTTP TRACE method should be disabled. 'RewriteLogLevel' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Huawei: Disable SNMP write access | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Enable AAA authorization | TNS Huawei VRP Best Practice Audit | Huawei | IDENTIFICATION AND AUTHENTICATION |
| Huawei: Set 'login' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set 'shell' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set appropriate 'login' header | TNS Huawei VRP Best Practice Audit | Huawei | ACCESS CONTROL |
| Huawei: Set System Name | TNS Huawei VRP Best Practice Audit | Huawei | CONFIGURATION MANAGEMENT |
| JUSX-AG-000128 - The Juniper SRX Services Gateway Firewall must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception). | DISA Juniper SRX Services Gateway ALG v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| MaxSpareServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-010300 - PostgreSQL must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| User IDs which disclose the privileges associated with it, should not be created. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| User IDs which disclose the privileges associated with it, should not be created. 'lock' | TNS IBM HTTP Server Best Practice | Unix | ACCESS CONTROL |
