| 1.7.10 Ensure XDMCP is not enabled | CIS CentOS Linux 7 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.7.10 Ensure XDMCP is not enabled | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.8.10 Ensure XDMCP is not enabled | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.8.10 Ensure XDMCP is not enabled | CIS Oracle Linux 8 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.8.10 Ensure XDMCP is not enabled | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.8.10 Ensure XDMCP is not enabled | CIS Red Hat EL8 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.4 Ensure excessive function privileges are revoked | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | ACCESS CONTROL |
| 5.3.3 Ensure password reuse is limited | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.3.3 Ensure password reuse is limited | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | ACCESS CONTROL |
| 5.3.3 Ensure password reuse is limited | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3 Ensure password reuse is limited | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.3 Ensure password reuse is limited | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | ACCESS CONTROL |
| 5.3.3.1.1 Ensure password failed attempts lockout is configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.3.3.1.1 Ensure password failed attempts lockout is configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL |
| 5.3.3.1.1 Ensure password failed attempts lockout is configured | CIS Debian Linux 11 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.3.3.1.1 Ensure password failed attempts lockout is configured | CIS Debian Linux 12 v1.1.0 L1 Server | Unix | ACCESS CONTROL |
| 5.3.3.1.1 Ensure password failed attempts lockout is configured | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | ACCESS CONTROL |
| 5.4.3 Ensure password reuse is limited - password-auth | CIS Red Hat 6 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - password-auth | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - system-auth | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - system-auth | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - system-auth | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3 Ensure password reuse is limited - system-auth | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.4 Ensure password reuse is limited | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.4 Ensure password reuse is limited | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.1.1 Audit system file permissions | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | ACCESS CONTROL |
| 6.12 Ensure all HTTP Header Logging options are enabled - User-Agent | CIS Palo Alto Firewall 9 v1.1.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 App Store Automatically download apps purchased on other Macs Considerations | CIS Apple OSX 10.9 L2 v1.3.0 | Unix | |
| ALMA-09-022240 - AlmaLinux OS 9 must have the gnutls-utils package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Session Lock After Screen Saver is Started | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Big Sur - Prohibit Password Reuse for a Minimum of Five Generations | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Prohibit Password Reuse for a Minimum of Five Generations | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| BIND-9X-001055 - A BIND 9.x server implementation must prohibit recursion on authoritative name servers. | DISA BIND 9.x STIG v2r3 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce Session Lock After Screen Saver is Started | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| CISC-RT-000270 - The Cisco perimeter router must be configured to block inbound packets with source Bogon IP address prefixes. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAVSEL-016 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN000700 - User passwords must be changed at least every 60 days. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN007960 - The ldd command must be disabled unless it protects against the execution of untrusted files - ldd command must be disabled unless it protects against the execution of untrusted files. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Enforce Session Lock After Screen Saver is Started | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL |
| Monterey - Enforce Session Lock After Screen Saver is Started | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Monterey - Enforce Session Lock After Screen Saver is Started | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Monterey - Enforce Session Lock After Screen Saver is Started | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Prohibit Password Reuse for a Minimum of Five Generations | NIST macOS Monterey v1.0.0 - 800-171 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000025 - OHS must have a SSL log format defined to allow generated information to be used by external applications or entities to monitor and control remote access in accordance with the categorization of data hosted by the web server. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OH12-1X-000052 - OHS must have a SSL log format defined for log records generated to capture sufficient information to establish what type of events occurred. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000055 - OHS must have a SSL log format defined for log records generated to capture sufficient information to establish when an event occurred. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000058 - OHS must have a SSL log format defined for log records that allow the establishment of where within OHS the events occurred. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000067 - OHS must have a SSL log format defined to produce log records that contain sufficient information to establish the outcome (success or failure) of events. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000070 - OHS must have a SSL log format defined to produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000274 - The system must prohibit the reuse of passwords within five iterations - password-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
