| 1.4.1.1 Ensure 'aaa local authentication max failed attempts' is set to less than or equal to '3' | CIS Cisco ASA 9.x Firewall L1 v1.1.0 | Cisco | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.6.1 Ensure Guest Account Is Disabled | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 2.6.1 Ensure Guest Account Is Disabled | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 2.12.1 Ensure Guest Account Is Disabled | CIS Apple macOS 14.0 Sonoma v2.1.0 L1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 2.12.1 Ensure Guest Account Is Disabled | CIS Apple macOS 13.0 Ventura v3.1.0 L1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 2.13.1 Ensure Guest Account Is Disabled | CIS Apple macOS 15.0 Sequoia v1.1.0 L1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/faillog | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/lastlog | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/run/faillock/ | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl faillog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl lastlog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl tallylog | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - faillog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/log/lastlog | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/ | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/ | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/ | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - /var/log/faillog | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl lastlog | CIS Debian 9 Workstation L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl tallylog | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - tallylog | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - /var/run/utmp | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl btmp | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl btmp | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl utmp | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - btmp | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - btmp | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - btmp | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/btmp | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/btmp | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - utmp | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/log/btmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/log/wtmp | CIS Debian 9 Workstation L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/run/utmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS Debian 9 Workstation L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.1.6.1 (L2) Ensure that collaboration invitations are sent to allowed domains only | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 5.1.6.3 (L2) Ensure guest user invitations are limited to the Guest Inviter role | CIS Microsoft 365 Foundations v5.0.0 L2 E3 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.1.3 Ensure Guest Account Is Disabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 6.2.3 Ensure that an exclusionary device code flow policy is considered | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 7.1 Ensure authentication file permissions are set correctly | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| DG0060-ORACLE11 - All database non-interactive, n-tier connection, and shared accounts that exist should be documented and approved by the IAO. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DG0070-ORACLE11 - Unauthorized user accounts should not exist. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| VCSA-80-000123 - The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | ACCESS CONTROL |
