1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
1.3 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 15 OS v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
1.5 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 10 OS v1.0.0 | Unix | ACCESS CONTROL |
1.5 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | ACCESS CONTROL |
2.1 Ensure the file permissions mask is correct | CIS PostgreSQL 10 OS v1.0.0 | Unix | ACCESS CONTROL |
2.1 Ensure the file permissions mask is correct | CIS PostgreSQL 13 OS v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
2.1 Ensure the file permissions mask is correct | CIS PostgreSQL 16 OS v1.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
2.1 Ensure the file permissions mask is correct | CIS PostgreSQL 11 OS v1.0.0 | Unix | ACCESS CONTROL |
2.2 Ensure extension directory has appropriate ownership and permissions | CIS PostgreSQL 13 OS v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/group | CIS PostgreSQL 11 OS v1.0.0 | Unix | ACCESS CONTROL |
2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/passwd | CIS PostgreSQL 10 OS v1.0.0 | Unix | ACCESS CONTROL |
2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/passwd | CIS PostgreSQL 11 OS v1.0.0 | Unix | ACCESS CONTROL |
2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/passwd | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | ACCESS CONTROL |
2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/passwd | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | ACCESS CONTROL |
2.4 Ensure Passwords are Not Stored in the service file | CIS PostgreSQL 13 OS v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
3.1.3 Ensure the logging collector is enabled | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
4.3 Ensure excessive function privileges are revoked | CIS PostgreSQL 10 OS v1.0.0 | Unix | ACCESS CONTROL |
4.3 Ensure excessive function privileges are revoked | CIS PostgreSQL 11 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 15 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 10 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly - local UNIX Domain Socket is configured correctly | CIS PostgreSQL 12 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
5.2 Ensure login via 'host' TCP/IP Socket is configured correctly | CIS PostgreSQL 16 OS v1.0.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
5.2 Ensure login via 'host' TCP/IP Socket is configured correctly | CIS PostgreSQL 15 OS v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
5.2 Ensure login via 'host' TCP/IP Socket is configured correctly | CIS PostgreSQL 10 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2 Ensure PostgreSQL is Bound to an IP Address | CIS PostgreSQL 17 v1.0.0 L1 PostgreSQL | PostgreSQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used | CIS PostgreSQL 15 OS v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabled | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl version | CIS PostgreSQL 12 OS v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl version | CIS PostgreSQL 10 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl version | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.10 Ensure Weak SSL/TLS Ciphers Are Disabled | CIS PostgreSQL 13 OS v1.2.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
7.3 Ensure base backups are configured and functional | CIS PostgreSQL 16 OS v1.0.0 | Unix | CONTINGENCY PLANNING |
7.3 Ensure WAL archiving is configured and functional - archive_command | CIS PostgreSQL 10 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.3 Ensure WAL archiving is configured and functional - archive_command | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.3 Ensure WAL archiving is configured and functional - archive_mode | CIS PostgreSQL 10 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.3 Ensure WAL archiving is configured and functional - archive_mode | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.4 Ensure WAL archiving is configured and functional - archive_command | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.4 Ensure WAL archiving is configured and functional - archive_mode | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.4 Ensure WAL archiving is configured and functional- archive_command | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
8.2 Ensure the backup and restore tool, 'pgBackRest', is installed and configured - pgBackRest, is installed and configured | CIS PostgreSQL 12 OS v1.1.0 | Unix | CONTINGENCY PLANNING |
EX16-ED-000550 - Exchange must have antispam filtering configured. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
EX16-ED-000760 - The application must be configured to block and quarantine malicious code upon detection, then send an immediate alert to appropriate individuals. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 14' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 15' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 20' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 110' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 118' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 129' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
SQL2-00-001600 - SQL Server must ensure that remote sessions that access an organization-defined list of security functions and security-relevant information are audited - 'Event ID 132' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |