| 1.8.18 Ensure graphical user interface automounter is disabled - automount | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.8.18 Ensure graphical user interface automounter is disabled - automount-open=false | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.8.18 Ensure graphical user interface automounter is disabled - automount=false | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never=true | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.02 Version/Patches - 'Ensure the latest version of Oracle software is being used, and the latest patches are from Metalink are applied' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 2.6 Ensure aufs storage driver is not used | CIS Docker v1.8.0 L1 OS Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
| 3.3 Ensure that MongoDB is run using a Least Privileges, dedicated service account | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - clusterAdmin | CIS MongoDB 3.4 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - hostManager | CIS MongoDB 3.4 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - readWriteAnyDatabase | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | ACCESS CONTROL |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure Weak Protocols are Disabled | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure images are scanned and rebuilt to include security patches | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 4.5 Ensure Encryption of Data at Rest - enableEncryption | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure Encryption of Data at Rest - encryptionKeyFile | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 6 v1.2.0 L2 MongoDB | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure that new entries are appended to the end of the log file | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure that new entries are appended to the end of the log file | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 7.1 Ensure appropriate key file permissions are set - keyFile | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.1 Ensure appropriate key file permissions are set - PEMKeyFile | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 12.19 Network location of production and development databases - 'Separate' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| AZLX-23-001030 - Amazon Linux 2023 must produce audit records containing information to establish what type of events occurred. | DISA Amazon Linux 2023 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| EX19-ED-000120 - Exchange Message size restrictions must be controlled on receive connectors. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000320 - If DBMS authentication using passwords is employed, MongoDB must enforce the DoD standards for password complexity and lifetime. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-002400 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be restricted to authorized users. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | CONFIGURATION MANAGEMENT |
| MD4X-00-004900 - MongoDB must allocate audit record storage capacity in accordance with site audit record storage requirements. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | AUDIT AND ACCOUNTABILITY |
| MD7X-00-003000 The role(s)/group(s) used to modify database structure (including but not limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be restricted to authorized users. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | MongoDB | CONFIGURATION MANAGEMENT |
| MOTO-09-010800 - Motorola Android Pie devices must have the latest available Motorola Android Pie operating system installed. | MobileIron - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| WN16-DC-000290 - Domain Controller PKI certificates must be issued by the DoD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-DC-000290 - Windows Server 2019 domain controller PKI certificates must be issued by the DOD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2019 STIG v3r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN25-DC-000290 - Windows Server 2025 domain Controller PKI certificates must be issued by the DOD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
