| 2.1 Alter the Advertised server.info String | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1 Alter the Advertised server.info String | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1 Alter the Advertised server.info String | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.1 Alter the Advertised server.info String | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.3 Alter the Advertised server.built Date | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Alter the Advertised server.built Date | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.3 Alter the Advertised server.built Date | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.3 Alter the Advertised server.built Date | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.5 Disable client facing Stack Traces | CIS Apache Tomcat 10.1 v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.5 Disable client facing Stack Traces | CIS Apache Tomcat 11 v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.5 Disable client facing Stack Traces | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.5 Disable client facing Stack Traces | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.6 Turn off TRACE | CIS Apache Tomcat 10.1 v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Turn off TRACE | CIS Apache Tomcat 11 v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.7 Ensure Sever Header is Modified To Prevent Information Disclosure | CIS Apache Tomcat 10 L2 v1.1.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.7 Ensure Sever Header is Modified To Prevent Information Disclosure | CIS Apache Tomcat 10.1 v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 2.7 Ensure Sever Header is Modified To Prevent Information Disclosure | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.7 Ensure Sever Header is Modified To Prevent Information Disclosure | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 6.1 Hide BIND Version String | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | CONFIGURATION MANAGEMENT |
| 6.1 Hide BIND Version String | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 6.1.10 Ensure no ungrouped files or directories exist | CIS SUSE Linux Enterprise 12 v3.2.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.1.10 Ensure no ungrouped files or directories exist | CIS SUSE Linux Enterprise 12 v3.2.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.1.11 Ensure no unowned files or directories exist | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.11 Ensure no unowned files or directories exist | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.11 Ensure no unowned files or directories exist | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.11 Ensure no unowned files or directories exist | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.11 Ensure no unowned files or directories exist | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 6.1.12 Ensure no ungrouped files or directories exist | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.12 Ensure no ungrouped files or directories exist | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.12 Ensure no ungrouped files or directories exist | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.12 Ensure no ungrouped files or directories exist | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 6.1.12 Ensure no unowned files or directories exist | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.12 Ensure no unowned files or directories exist | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.12 Ensure no unowned files or directories exist | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.12 Ensure no unowned files or directories exist | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.13 Ensure no ungrouped files or directories exist | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.13 Ensure no ungrouped files or directories exist | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.13 Ensure no ungrouped files or directories exist | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.13 Ensure no ungrouped files or directories exist | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 8.2 Ensure ServerSignature Is Not Enabled | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 8.3 Ensure All Default Apache Content Is Removed | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS Control 13 (13.2) Remove Sensitive Data or Systems Not Regularly Accessed by Organization | CAS Implementation Group 1 Audit File | Unix | CONFIGURATION MANAGEMENT |
