| 1.3 Disable MySQL Command History | CIS MySQL 5.7 Community Windows OS L2 v2.0.0 | Windows | MEDIA PROTECTION |
| 2.2.4 Ensure telnet client is not installed | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure telnet client is not installed | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.2.4 Ensure telnet client is not installed | CIS AlmaLinux OS 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.2.18 Ensure nfs-utils is not installed or the nfs-server service is masked | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.18 Ensure nfs-utils is not installed or the nfs-server service is masked | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.18 Ensure nfs-utils is not installed or the nfs-server service is masked | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.1 Ensure telnet client is not installed | CIS Amazon Linux 2023 Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.2 Ensure rsh client is not installed | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed - rsh-client | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed - rsh-client | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed - rsh-redone-client | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed - rsh-redone-client | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.4 Ensure telnet client is not installed | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS Oracle Linux 8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS Red Hat EL8 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS Rocky Linux 8 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS Rocky Linux 8 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.3.4 Ensure telnet client is not installed | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4.4 Set 'ip tftp source-interface' to the Loopback Interface | CIS Cisco IOS XE 16.x v2.1.0 L2 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| 2.4.4 Set 'ip tftp source-interface' to the Loopback Interface | CIS Cisco IOS XE 17.x v2.2.0 L1 | Cisco | CONFIGURATION MANAGEMENT |
| 5.4.5 Ensure system-auth is used when changing passwords | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker paths | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001090 - The host operating systems auditing policies for the Docker Engine - Enterprise component of Docker Enterprise must be set - docker services | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - default.scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-016 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - includeOdsTasks | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - jokesAlert | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - programsAlert | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP host | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP port | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP recipients | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP sender | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - trojansAlert | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - VirusDetected | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| IBM i : Auditing End Action (QAUDENDACN) - '*NOTIFY or *PWRDWNSYS' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | AUDIT AND ACCOUNTABILITY |
| IBM i : Auditing End Action (QAUDENDACN) - '*NOTIFY or *PWRDWNSYS' | IBM System i Security Reference for V7R2 | AS/400 | AUDIT AND ACCOUNTABILITY |
| IBM i : Auditing End Action (QAUDENDACN) - '*NOTIFY or *PWRDWNSYS' | IBM System i Security Reference for V7R3 | AS/400 | AUDIT AND ACCOUNTABILITY |
| IBM i : Automatic Configuration of Virtual Devices (QAUTOVRT) - '0' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | SYSTEM AND COMMUNICATIONS PROTECTION |
| IBM i : Disconnected Job Time-Out Interval (QDSCJOBITV) - '<=120' | IBM System i Security Reference for V7R2 | AS/400 | ACCESS CONTROL |
| IBM i : Password Expiration Interval (QPWDEXPITV) - '30 to 90' | IBM System i Security Reference for V7R3 | AS/400 | IDENTIFICATION AND AUTHENTICATION |
| IBM i : Secure Sockets Layer (SSL) protocols (QSSLPCL) - '*OPSYS' | IBM System i Security Reference for V7R1 and V6R1 | AS/400 | SYSTEM AND COMMUNICATIONS PROTECTION |
| IBM i : Secure Sockets Layer (SSL) protocols (QSSLPCL) - '*OPSYS' | IBM System i Security Reference for V7R2 | AS/400 | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-030210 - The Red Hat Enterprise Linux operating system must take appropriate action when the remote logging buffer is full. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
