| 1.1.22 Disable Mounting of hfsplus Filesystems - install hfsplus /bin/true' | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.1 Enable SELinux in /etc/grub.conf - enforcing != 0 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
| 3.13 Remove Samba | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.4.1.1 Disable IPv6 Router Advertisements - net.ipv6.conf.default.accept_ra = 0 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.6.2 Disable SCTP | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.1 Install the rsyslog package | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2 Activate the rsyslog Service - syslog | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3 Configure /etc/rsyslog.conf - lpr,news,uucp,local0,local1,local2,local3,local4,local5,local6 /var/log/unused.log | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.6 Accept Remote rsyslog Messages Only on Designated Log Hosts - $InputTCPServerRun 514 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.7 Record Events That Modify the System's Network Environment - /etc/issue | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.7 Record Events That Modify the System's Network Environment - /etc/issue.net | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.12 Collect Unsuccessful Unauthorized Access Attempts to Files - arch=b64 EPERM | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.13 Collect Use of Privileged Commands | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.15 Collect File Deletion Events by User - arch=b32 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.18 Collect Kernel Module Loading and Unloading - /sbin/modprobe | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.19 Make the Audit Configuration Immutable - -e 2 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/boot.log' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/spooler' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.5 Set User/Group Owner and Permission on /etc/cron.hourly | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.1.6 Set User/Group Owner and Permission on /etc/cron.daily | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.1.10 Restrict at/cron to Authorized Users - cron.allow | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.3.1 Set Password Creation Requirement Parameters Using pam_cracklib - password required | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.3.2 Set Lockout for Failed Password Attempts - auth required pam_tally2.so deny=5 onerr=fail | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.3.6 Remove the pam_ccreds Package | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.5 Restrict Access to the su Command - auth required pam_wheel.so use_uid' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 7.5 Lock Inactive User Accounts - INACTIVE=35 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 8.1.1 Set Warning Banner for Standard Login Services - /etc/issue | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 8.1.1 Set Warning Banner for Standard Login Services - /etc/issue.net | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 8.1.2 Remove OS Information from Login Warning Banners - /etc/issue | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 8.2 Set GNOME Warning Banner | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.1 Verify System File Permissions | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
| 9.1.5 Verify Permissions on /etc/group | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.1.11 Find Un-owned Files and Directories | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.2.1 Ensure Password Fields are Not Empty | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.2.10 Check for Presence of User .rhosts Files | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-211015 - RHEL 9 vendor packaged system security patches and updates must be installed and up to date. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-211020 - RHEL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
| RHEL-09-213050 - RHEL 9 must be configured to disable the Controller Area Network kernel module. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213065 - RHEL 9 must disable the Transparent Inter Process Communication (TIPC) kernel module. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-213080 - RHEL 9 must restrict usage of ptrace to descendant processes. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-215090 - RHEL 9 must have the rng-tools package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215105 - RHEL 9 must implement a FIPS 140-3 compliant systemwide cryptographic policy. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-231015 - RHEL 9 must use a separate file system for /tmp. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231090 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are used with removable media. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231105 - RHEL 9 must prevent files with the setuid and setgid bit set from being executed on the /boot/efi directory. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231120 - RHEL 9 must mount /dev/shm with the nosuid option. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231135 - RHEL 9 must mount /tmp with the nosuid option. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231145 - RHEL 9 must mount /var/log with the nodev option. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231190 - RHEL 9 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-231200 - RHEL 9 must prevent special devices on non-root local partitions. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
