| 1.2 Use Dedicated Least Privileged Account for MariaDB Daemon/Service | CIS MariaDB 10.6 on Linux L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL |
| 1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL |
| 1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL |
| 1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS on Linux Unix | Unix | ACCESS CONTROL |
| 2.5 Do not use the aufs storage driver | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 2.5 Do not use the aufs storage driver | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 2.6 Ensure Password Complexity is Configured - validate_password_dictionary_file | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.6 Ensure Password Complexity is Configured - validate_password_length | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_dictionary_file | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure Password Complexity is Configured - validate_password_mixed_case_count | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 3.2.4 Ensure Multi-AZ deployments are used for enhanced availability in Amazon RDS | CIS Amazon Web Services Foundations v7.0.0 L1 | amazon_aws | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 (L2) Ensure device enrollment for personally owned devices is blocked by default | CIS Microsoft 365 Foundations v6.0.1 L2 E5 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.5 Ensure No World Writable Folders Exist in the System Folder | CIS Apple macOS 14.0 Sonoma Cloud-tailored v1.1.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure No World Writable Folders Exist in the System Folder | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.1.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure No World Writable Folders Exist in the System Folder | CIS Apple macOS 15.0 Sequoia Cloud-tailored v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.2.3 (L1) Enable Conditional Access policies to block legacy authentication | CIS Microsoft 365 Foundations v6.0.1 L1 E3 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 5.2.2.3 (L1) Enable Conditional Access policies to block legacy authentication | CIS Microsoft 365 Foundations v6.0.1 L1 E5 | microsoft_azure | CONFIGURATION MANAGEMENT |
| 6.2.3.20 Ensure the audit configuration is loaded regardless of errors | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.35 Ensure the audit configuration is loaded regardless of errors | CIS Debian Linux 13 v1.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.35 Ensure the audit configuration is loaded regardless of errors | CIS Debian Linux 13 v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is loaded regardless of errors | CIS Red Hat Enterprise Linux 8 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is loaded regardless of errors | CIS Rocky Linux 8 v3.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is loaded regardless of errors | CIS Rocky Linux 8 v3.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is loaded regardless of errors | CIS AlmaLinux OS 8 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is loaded regardless of errors | CIS Oracle Linux 8 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is loaded regardless of errors | CIS Red Hat Enterprise Linux 8 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is loaded regardless of errors | CIS Oracle Linux 8 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.20 Ensure the audit configuration is loaded regardless of errors | CIS AlmaLinux OS 8 v4.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.35 Ensure the audit configuration is loaded regardless of errors | CIS Oracle Linux 10 v1.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.35 Ensure the audit configuration is loaded regardless of errors | CIS Red Hat Enterprise Linux 10 v1.0.1 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.35 Ensure the audit configuration is loaded regardless of errors | CIS Rocky Linux 10 v1.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.35 Ensure the audit configuration is loaded regardless of errors | CIS AlmaLinux OS 10 v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.35 Ensure the audit configuration is loaded regardless of errors | CIS Red Hat Enterprise Linux 10 v1.0.1 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.35 Ensure the audit configuration is loaded regardless of errors | CIS Rocky Linux 10 v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.35 Ensure the audit configuration is loaded regardless of errors | CIS AlmaLinux OS 10 v1.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.35 Ensure the audit configuration is loaded regardless of errors | CIS Oracle Linux 10 v1.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2.9 Audit Autofill | CIS Apple macOS 11.0 Big Sur v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2 Review Role Members | CIS IBM DB2 v10 v1.1.0 Database Level 1 | IBM_DB2DB | |
| 8.2 Review Role Members | CIS IBM DB2 v10 v1.1.0 Database Level 2 | IBM_DB2DB | |
| 11.2 Ensure Apache Processes Run in the httpd_t Confined Context | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| DG0007-ORACLE11 - The database should be secured in accordance with DoD, vendor and/or commercially accepted practices where applicable. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| Ensure 'logging to monitor' is disabled | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'SNMP traps' is enabled - linkup | Tenable Cisco Firepower Best Practices Audit | Cisco | CONFIGURATION MANAGEMENT |
| Ensure 'syslog hosts' is configured correctly | Tenable Cisco Firepower Best Practices Audit | Cisco | AUDIT AND ACCOUNTABILITY |
| Ensure 'TACACS+/RADIUS' is configured correctly - protocol | Tenable Cisco Firepower Best Practices Audit | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| Ensure DNS services are configured correctly - name-server | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure non-default application inspection is configured correctly | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| Network Security - Ensure Source Routing has not been configured | Juniper Hardening JunOS 12 Devices Checklist | Juniper | CONFIGURATION MANAGEMENT |
| WG170 A22 - Each readable web document directory must contain either a default, home, index, or equivalent file. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | |
