| 1.1.1.8 Ensure mounting of FAT filesystems is limited - modprobe | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.20 - MobileIron - Enable SIM Password | MobileIron - CIS Apple iOS 9 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 1.2.7.2 Ensure ask participants for consent when a recording starts is set to enabled | CIS Zoom L1 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure time set is within appropriate limits | CIS Apple OSX 10.10 Yosemite L1 v1.2.0 | Unix | |
| 4.1 - System Administration Methods - CLI Session Timeout | NetApp Security Hardening Guide for ONTAP 9 v1.7.0 | Netapp_API | |
| 4.2.1.2 Ensure logging is configured | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| Big Sur - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| DG0005-ORACLE11 - Only necessary privileges to the host system should be granted to DBA OS accounts - 'No dba account is a member of the root group' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG0007-ORACLE11 - The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0063-ORACLE11 - DBMS privileges to restore database data or other DBMS configurations, features, or objects should be restricted to authorized DBMS accounts. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0068-ORACLE11 - DBMS tools or applications that echo or require a password entry in clear text should be protected from password display. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0093-ORACLE11 - Remote adminstrative connections to the database should be encrypted - '$ORACLE_HOME/ldap/admin/fips.ora SSLFIPS_140 = true' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0095-ORACLE11 - Audit trail data should be reviewed daily or more frequently. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/network/admin/listener.ora PROGRAM=EXTPROC does not exist' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0103-ORACLE11 - Network access to the DBMS must be restricted to authorized personnel - '$ORACLE_HOME/network/admin/cman.ora source and destination addresses are configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0108-ORACLE11 - The DBMS restoration priority should be assigned. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0115-ORACLE11 - Recovery procedures and technical system features exist to ensure that recovery is done in a secure and verifiable manner. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0118-ORACLE11 - The IAM should review changes to DBA role assignments. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0129-ORACLE11 - Passwords should be encrypted when transmitted across the network. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| DG0152-ORACLE11 - DBMS network communications should comply with PPS usage restrictions - 'Oracle listeners are running on approved ports' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0154-ORACLE11 - The DBMS requires a System Security Plan containing all required information. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0155-ORACLE11 - The DBMS should have configured all applicable settings to use trusted files, functions, features, or other components during startup, shutdown, aborts, or other unplanned interruptions. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0176-ORACLE11 - The DBMS audit logs should be included in backup operations. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0186-ORACLE11 - The database should not be directly accessible from public or unauthorized networks. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0194-ORACLE11 - Privileges assigned to developers on shared production and development DBMS hosts and the DBMS should be monitored every three months or more frequently for unauthorized changes. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG7003-ORACLE11 - A minimum of two Oracle redo log groups/files must be defined and configured to be stored on separate, archived physical disks or archived directories on a RAID device. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'LOG_FILE_{listener} is configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| DO5037-ORACLE11 - Oracle SQLNet and listener log files should not be accessible to unauthorized users - 'TRACE_LEVEL_SERVER' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DO6746-ORACLE11 - The Oracle listener.ora file should specify IP addresses rather than host names to identify hosts - '$ORACLE_HOME/network/admin/listener.ora HOST entroes do not use hostnames' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO6747-ORACLE11 - Remote administration should be disabled for the Oracle connection manager - '$ORACLE_HOME/network/admin/cman.ora REMOTE_ADMIN = no' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002690 - System audit logs must be group-owned by bin, sys, or system. | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003602 - The system must not process ICMP timestamp requests. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006570 - The file integrity tool must be configured to verify ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GOOG-11-009600 - Google Android 11 must be provisioned as a fully managed device and configured to create a work profile. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010300 - Google Android 14 must be provisioned as a fully managed device and configured to create a work profile. | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010300 - Google Android 14 must be provisioned as a fully managed device and configured to create a work profile. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| Management Access Policy - HTTPS - Cipher Configuration | Tenable Cisco ACI | Cisco_ACI | |
| Monterey - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Configure the System to Uniquely Identify and Authenticate Non-Organizational Users | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| MOTO-09-009600 - Motorola Android Pie must be provisioned as a fully managed device and configured to create a work profile. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| RHEL-09-651020 - RHEL 9 must use a file integrity tool that is configured to use FIPS 140-3-approved cryptographic hashes for validating file contents and directories. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| VCWN-65-000049 - The vCenter Server for Windows must alert administrators on permission deletion operations. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VCWN-65-000050 - The vCenter Server for Windows must alert administrators on permission update operations. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| WG350 IIS6 - A private web server must have a valid server certificate. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
