| 2.6 Turn off TRACE (check server.xml) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately | CIS MongoDB 6 v1.2.0 L1 MongoDB | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately - roles | CIS MongoDB 4 L1 DB v1.0.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately - roles | CIS MongoDB 5 L1 DB v1.2.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately - users | CIS MongoDB 5 L1 DB v1.2.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.1 Do not disable AppArmor Profile | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 9.9 Check Permissions on User .netrc Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.11 Check Groups in passwd(4) | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 11.1 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.21 Find World Writable Files | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 9.21 Find World Writable Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 9.22 Find World Writable Files | CIS Solaris 11 L1 v1.1.0 | Unix | ACCESS CONTROL |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Buffer overflow protection should be configured 'LimitRequestline' | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CGI-BIN directory should be disabled. 'AddModule mod_env.c' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| CIS_MongoDB_3.4_Benchmark_Level_1_OS_Unix_v1.0.0.audit from CIS MongoDB 3.4 Benchmark | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | |
| CIS_MongoDB_3.4_Benchmark_Level_2_OS_Unix_v1.0.0.audit from CIS MongoDB 3.4 Benchmark | CIS MongoDB 3.4 L2 Unix Audit v1.0.0 | Unix | |
| CIS_MongoDB_3.6_Benchmark_Level_1_DB_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | |
| CIS_MongoDB_3.6_Benchmark_Level_1_OS_Unix_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | |
| CIS_MongoDB_3.6_Benchmark_Level_1_OS_Windows_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | |
| CIS_MongoDB_3.6_Benchmark_Level_2_DB_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | CIS MongoDB 3.6 Database Audit L2 v1.1.0 | MongoDB | |
| CIS_MongoDB_3.6_Benchmark_Level_2_OS_Windows_v1.1.0.audit from CIS MongoDB 3.6 Benchmark | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | |
| CIS_MongoDB_4_Benchmark_Level_1_OS_Linux_v1.0.0.audit from CIS MongoDB 4 Benchmark | CIS MongoDB 4 L1 OS Linux v1.0.0 | Unix | |
| CIS_MongoDB_4_Benchmark_Level_2_OS_Windows_v1.0.0.audit from CIS MongoDB 4 Benchmark | CIS MongoDB 4 L2 OS Windows v1.0.0 | Windows | |
| CIS_MongoDB_5_Benchmark_Level_1_OS_Windows_v1.2.0.audit from CIS MongoDB 5 Benchmark | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | |
| CIS_MongoDB_5_Benchmark_Level_2_OS_Linux_v1.2.0.audit from CIS MongoDB 5 Benchmark | CIS MongoDB 5 L2 OS Linux v1.2.0 | Unix | |
| CIS_MongoDB_5_Benchmark_Level_2_OS_Windows_v1.2.0.audit from CIS MongoDB 5 Benchmark | CIS MongoDB 5 L2 OS Windows v1.2.0 | Windows | |
| CIS_MongoDB_Benchmark_Level_1_OS_Unix_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | |
| CIS_MongoDB_Benchmark_Level_1_OS_Windows_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | |
| CIS_MongoDB_Benchmark_Level_2_OS_Unix_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | |
| CIS_MongoDB_Benchmark_Level_2_OS_Windows_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | |
| Encryption protocols such as https should be used | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi.firewall-restrict-access | VMWare vSphere 6.5 Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000320 - Exchange Message size restrictions must be controlled on Receive connectors. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-AG-000128 - The Juniper SRX Services Gateway Firewall must deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception). | DISA Juniper SRX Services Gateway ALG v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Latest Patches/Fixes should be installed | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD3X-00-000360 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD3X-00-000760 - MongoDB must maintain the confidentiality and integrity of information during preparation for transmission. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD4X-00-001700 - MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | ACCESS CONTROL |
| MD4X-00-006300 - When updates are applied to MongoDB software, any software components that have been replaced or made unnecessary must be removed. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD7X-00-003600 MongoDB must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | MongoDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-013900 - Oracle Database must enforce the DOD standards for password complexity. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-013900 - The DBMS must support organizational requirements to enforce minimum password length. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014100 - The DBMS must support organizational requirements to enforce password complexity by the number of uppercase characters used. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014200 - The DBMS must support organizational requirements to enforce password complexity by the number of lowercase characters used. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014300 - The DBMS must support organizational requirements to enforce password complexity by the number of numeric characters used. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014400 - The DBMS must support organizational requirements to enforce password complexity by the number of special characters used. | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| SP13-00-000025 - SharePoint must ensure remote sessions for accessing security functions and security-relevant information are audited. | DISA STIG SharePoint 2013 v2r4 | Windows | ACCESS CONTROL |
| UBTU-24-100310 - Ubuntu 24.04 LTS must enable and run the Uncomplicated Firewall (ufw). | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | ACCESS CONTROL |
