| 2.2.6 Ensure 'SQLNET.ENCRYPTION_CLIENT Is Set To 'REQUIRED' | CIS Oracle Database 23ai v1.0.0 L1 RDBMS On Linux Host OS | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.6 Ensure 'SQLNET.ENCRYPTION_CLIENT Is Set To 'REQUIRED' | CIS Oracle Database 23ai v1.0.0 L1 RDBMS On Windows Server Host OS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | ACCESS CONTROL |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.1 Ensure legacy TLS protocols are disabled | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.2 Ensure Weak Protocols are Disabled | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Weak Protocols are Disabled | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure Encryption of Data at Rest - enableEncryption | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure Encryption of Data at Rest - enableEncryption | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure Encryption of Data at Rest - encryptionKeyFile | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure that new entries are appended to the end of the log file | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure that new entries are appended to the end of the log file | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 4 L2 OS Linux v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 7.1 Ensure appropriate key file permissions are set - CAFile | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.1 Ensure appropriate key file permissions are set - keyFile | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.1 Ensure appropriate key file permissions are set - PEMKeyFile | CIS MongoDB 5 L1 OS Linux v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.3 Check That Defined Home Directories Exist | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 9.7 Check Permissions on User Home Directories | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.8 Check Permissions on User '.' (Hidden) Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.9 Check Permissions on User Home Directories | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 9.10 Check for Presence of User .rhosts Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.11 Check Groups in passwd(4) | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 9.11 Check Permissions on User .netrc Files | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 9.14 Check User Home Directory Ownership | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.16 Check for Duplicate UIDs | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.22 Find World Writable Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| ALMA-09-018720 - The firewalld service on AlmaLinux OS 9 must be active. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ALMA-09-031700 - AlmaLinux OS 9 must have the firewalld package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CGI-BIN directory should be disabled. 'LoadModule env_module' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| EX16-ED-000320 - Exchange Message size restrictions must be controlled on Receive connectors. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-ED-000120 - Exchange Message size restrictions must be controlled on receive connectors. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| HTTP TRACE method should be disabled. 'RewriteLogLevel' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| MaxSpareServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Non-Essential modules should be disabled. 'mod_dav' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_status' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| RHEL-09-251010 - RHEL 9 must have the firewalld package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-251015 - The firewalld service on RHEL 9 must be active. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| User IDs which disclose the privileges associated with it, should not be created. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| User IDs which disclose the privileges associated with it, should not be created. 'lock' | TNS IBM HTTP Server Best Practice | Unix | ACCESS CONTROL |
