| 1.8.15 Ensure graphical user interface automounter is disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | MEDIA PROTECTION |
| 2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Turn off TRACE | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Turn off TRACE | CIS Apache Tomcat 10.1 v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | |
| 3.5 Review User-Defined Roles | CIS MongoDB Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - userAdmin | CIS MongoDB Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 4.2 Enable stack protection - Check if 'noexec_user_stack' is set to 1 in /etc/system (Solaris 2.6 or later) | CIS Solaris 9 v1.3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Rebuild the images to include security patches | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.4 Scan and rebuild the images to include security patches | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.5 Ensure The Latest Version of The Password File Is Used | CIS Oracle Database 23ai v1.0.0 L1 RDBMS | OracleDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 7 v1.1.0 L2 MongoDB | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 6 v1.2.0 L2 MongoDB | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that the HTTP status interface is disabled | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.5 Ensure that the HTTP interface is disabled | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.5 Ensure that the HTTP interface is disabled | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.7 Ensure that the REST API is disabled | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.2 Ensure that database file permissions are set correctly | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.19 Check for Presence of User .netrc Files | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.20 Check for Presence of User .forward Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.21 Check for Presence of User .forward Files | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.21 Check for Presence of User .forward Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| MD3X-00-000220 - MongoDB must protect its audit features from unauthorized access. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | AUDIT AND ACCOUNTABILITY |
| MD4X-00-000100 - MongoDB must provide audit record generation for DoD-defined auditable events within all DBMS/database components. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| MD4X-00-000400 - Unused database components that are integrated in MongoDB and cannot be uninstalled must be disabled. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | CONFIGURATION MANAGEMENT |
| MD4X-00-000500 - Unused database components that are integrated in MongoDB and cannot be uninstalled must be disabled. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | CONFIGURATION MANAGEMENT |
| MD7X-00-002300 MongoDB must protect its audit features from unauthorized access. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| MD7X-00-002700 MongoDB software installation account must be restricted to authorized users. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| MD7X-00-007800 MongoDB must enforce access restrictions associated with changes to the configuration of MongoDB or database(s). | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | MongoDB | CONFIGURATION MANAGEMENT |
| O19C-00-010800 - The Oracle Database data files, transaction logs and audit files must be stored in dedicated directories or disk partitions separate from software or other application files. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-BP-025100 - The DBMS data files, transaction logs and audit files must be stored in dedicated directories or disk partitions separate from software or other application files. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| OL08-00-030580 - OL 8 must generate audit records for any use of the "kmod" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| TNS_Best_Practices_Jetty_9_v1.0.0.audit | TNS Best Practice Jetty 9 Linux | Unix | |
| vCenter : monitor-admin-assignment | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter: vcenter-8.administration-sso-password-policy | VMware vSphere Security Configuration and Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| VM Tools: guest-8.tools-deactivate-containerinfo | VMware vSphere Security Configuration and Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| WN12-PK-000007-DC - PKI certificates associated with user accounts must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
