| 1.2.4 Disable the rhnsd Daemon | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.3.1 Ensure authentication required for single user mode | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.4.1 Enable SELinux in /etc/grub.conf - selinux != 0 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
| 1.4.2 Set the SELinux State - SELINUX=enforcing | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
| 1.5.1.2 Ensure local login warning banner is configured properly | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1.3 Ensure remote login warning banner is configured properly | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.3 Configure Netflow on Strategic Ports | CIS Cisco NX-OS v1.2.0 L2 | Cisco | AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.2 Configure ExecShield - kernel.exec-shield = 1 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.4 Enable XD/NX Support on 32-bit x86 Systems - kernel-PAE | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.3 Remove rsh-server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.8 Remove tftp-server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.10 Remove talk-server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.13 Disable chargen-stream | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.14 Disable daytime-dgram | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.18 Disable tcpmux-server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.5 (L1) Ensure 'Allow log on locally' is set to 'Administrators, Users' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL |
| 2.2.21 Ensure 'Enable computer and user accounts to be trusted for delegation' is set to 'No One' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.25 Ensure 'Increase scheduling priority' is set to 'Administrators' - Window Manager\Window Manager Group' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed administrative events' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Set Daemon umask | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 3.2.1 Restrict Recursive Queries | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.15 Remove SNMP Server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.5 Configure Solaris Auditing - active non-attributable flags = lo | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile (active) | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile attributes: p_minfree=1; | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile attributes: p_minfree=1; | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_flags root = lo,ad,ft,ex,cis:no | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured non-attributable flags = lo | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - var/audit/*.not_terminated.* | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - var/audit/*.not_terminated.* | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5.4 Create /etc/hosts.deny | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.6.1 Disable DCCP | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.6.4 Disable TIPC | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.7 (L1) Ensure only authorized users and groups belong to the esxAdminsGroup group | CIS VMware ESXi 7.0 v1.4.0 L1 | VMware | ACCESS CONTROL |
| 5.3.3 Keep All Auditing Information | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.8 Ensure 'REPLICATION SLAVE' is Not Granted to Non-Administrative Users | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.1 Set SSH Protocol to 2 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 7.3 Set Default Group for root Account | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG Only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.5 Ensure 'Audit Other Account Management Events' is set to include 'Success' (STIG Only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| CIS_Palo_Alto_Firewall_8_Benchmark_L1_v1.0.0.audit from CIS Palo Alto Firewall 8 Benchmark v1.0.0 | CIS Palo Alto Firewall 8 Benchmark L1 v1.0.0 | Palo_Alto | |
| CNTR-R2-000060 - Rancher RKE2 components must be configured in accordance with the security configuration settings based on DOD security configuration or implementation guidance, including SRGs, STIGs, NSA configuration guides, CTOs, and DTMs. | DISA Rancher Government Solutions RKE2 STIG v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| EX13-CA-000140 - Exchange software must be installed on a separate partition from the OS. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000310 - Exchange software must be installed on a separate partition from the OS. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL, SYSTEM AND SERVICES ACQUISITION |
| GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL, SYSTEM AND SERVICES ACQUISITION |
| MADB-10-009100 - When invalid inputs are received, MariaDB must behave in a predictable and documented manner that reflects organizational and system objectives. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-012000 - The MySQL Database Server 8.0 must implement cryptographic mechanisms to prevent unauthorized modification of organization-defined information at rest (to include, at a minimum, PII and classified information) on organization-defined information system components. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000207 - All accounts installed with the web server software and tools must have passwords assigned and default passwords changed. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
