| 1.1.1.6 Ensure squashfs kernel module is not available | CIS AlmaLinux OS 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure squashfs kernel module is not available | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure squashfs kernel module is not available | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure squashfs kernel module is not available | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.7 Ensure squashfs kernel module is not available | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.1.2 Set version 2 for 'ip ssh version' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3 Ensure iptables is installed | CIS Debian 8 Server L1 v2.0.2 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.5.3 Ensure iptables is installed | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.6.1.1 Ensure iptables is installed | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.6.1.1 Ensure iptables is installed | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.4 Ensure SSH Protocol is set to 2 | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.2 Ensure SSH Protocol is set to 2 | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.4 Ensure SSH Protocol is set to 2 | CIS Debian 9 Workstation L1 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3 Restrict Linux Kernel Capabilities within containers | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 5.3.4 Ensure SSH Protocol is set to 2 | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.4 Ensure SSH Protocol is set to 2 | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.10.1.2 Ensure SSH is Restricted to Version 2 | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - MINALPHA = 2 | CIS Solaris 11.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AZLX-23-002200 - Amazon Linux 2023 audit tools must be group-owned by root. | DISA Amazon Linux 2023 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AZLX-23-002480 - Amazon Linux 2023 must insure all interactive users have a primary group that exists. | DISA Amazon Linux 2023 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-000510 - RHEL 10 must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information on local disk partitions that requires at-rest protection. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-000570 - RHEL 10 must use a separate file system for "/var/tmp". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-001040 - RHEL 10 must check the GNU Privacy Guard (GPG) signature of locally installed software packages before installation. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-001050 - RHEL 10 must have GNU Privacy Guard (GPG) signature verification enabled for all software repositories. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-200090 - RHEL 10 must not have a File Transfer Protocol (FTP) server package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-200561 - RHEL 10 must have the USBGuard package enabled. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-200562 - RHEL 10 must block unauthorized peripherals before establishing a connection. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-200580 - RHEL 10 must have the "policycoreutils-python-utils" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-200611 - RHEL 10 must have the "pcscd" service set to active. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-200620 - RHEL 10 must have the "opensc" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-200632 - RHEL 10 must use a file integrity tool that is configured to use FIPS 140-3-approved cryptographic hashes for validating file contents and directories. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-200641 - RHEL 10 must have the rsyslog service set to active. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-200645 - RHEL 10 must encrypt the transfer of audit records off-loaded onto a different system or media from the system being audited via rsyslog. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-200662 - RHEL 10 must have the "audispd-plugins" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-200720 - RHEL 10 must have a Secure Shell (SSH) server installed for all networked systems. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-200721 - RHEL 10 must, for all networked systems, have and implement Secure Shell (SSH) to protect the confidentiality and integrity of transmitted and received information. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-200730 - RHEL 10 must have the "pkcs11-provider" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-200740 - RHEL 10 must have the "gnutls-utils" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-300000 - RHEL 10 must have the "crypto-policies" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-300010 - RHEL 10 must implement a FIPS 140-3-compliant systemwide cryptographic policy. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-300060 - RHEL 10 must be configured so that Secure Shell (SSH) servers use only DOD-approved Message Authentication Codes (MACs) employing FIPS 140-3-validated cryptographic hash algorithms to protect the confidentiality of SSH server connections. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL, MAINTENANCE |
| RHEL-10-400000 - RHEL 10 must be configured so that the "/etc/group" file is owned by root. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400040 - RHEL 10 must be configured so that the "/etc/passwd" file is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400055 - RHEL 10 must be configured so that the "/etc/passwd-" file is group-owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400060 - RHEL 10 must be configured so that the "/etc/shadow" file is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400070 - RHEL 10 must be configured so that the "/etc/shadow-" file is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400090 - RHEL 10 must be configured so that the "/var/log/"messages file is owned by root. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-400105 - RHEL 10 must be configured so that system commands are group-owned by root or a system account. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| SQL6-D0-001900 - SQL Server must isolate security functions from non-security functions. | DISA MS SQL Server 2016 Database STIG v3r4 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| Word 2 and earlier binary documents and templates | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
