| 1.5.2.2 Limit Login Attempts | CIS HPE Aruba Networking CX Switch v1.0.1 L2 | ArubaOS | ACCESS CONTROL |
| 1.264 OL08-00-030580 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 3.2 Ensure that role-based access control is enabled and configured appropriately | CIS MongoDB 8 v1.0.0 L1 MongoDB | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately | CIS MongoDB 6 v1.2.0 L1 MongoDB | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately - roles | CIS MongoDB 5 L1 DB v1.2.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately - users | CIS MongoDB 4 L1 DB v1.0.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.2 Ensure that role-based access control is enabled and configured appropriately - users | CIS MongoDB 5 L1 DB v1.2.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Avoid non-default bindings to system:unauthenticated | CIS Google Kubernetes Engine GKE v1.9.0 L1 GCP | GCP | ACCESS CONTROL |
| 5.1 Do not disable AppArmor Profile | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | ACCESS CONTROL |
| 5.2 Ensure that, if applicable, an AppArmor Profile is enabled | CIS Docker v1.8.0 L1 OS Linux | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 9.19 Check for Presence of User .netrc Files | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.19 Check for Presence of User .netrc Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.20 Check for Presence of User .forward Files | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.20 Check for Presence of User .forward Files | CIS Solaris 11.2 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.20 Check for Presence of User .netrc Files | CIS Solaris 11.1 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.21 Check for Presence of User .forward Files | CIS Solaris 11 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-018720 - The firewalld service on AlmaLinux OS 9 must be active. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ALMA-09-031700 - AlmaLinux OS 9 must have the firewalld package installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ALMA-09-047100 - The audit package must be installed on AlmaLinux OS 9. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| AZLX-23-001040 - Amazon Linux 2023 must have the rsyslog package installed. | DISA Amazon Linux 2023 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AZLX-23-001280 - Amazon Linux 2023 must enable FIPS mode. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| Buffer overflow protection should be configured 'LimitRequestline' | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CGI-BIN directory should be disabled. 'Addmodule mod_cgi.c' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'Directory' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'LoadModule cgi_module' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| Configuration files should be secured against unauthorized access. | TNS IBM HTTP Server Best Practice Middleware | Unix | |
| DISA_STIG_Cloud_Linux_AlmaLinux_OS_9_v1r6.audit from DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | |
| Encryption protocols such as https should be used | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| HTTP TRACE method should be disabled. 'RewriteEngine' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteLogLevel' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| Keep Alive setting parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Logs containing auditing information should be secured at the directory level. | TNS IBM HTTP Server Best Practice Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxSpareServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000270 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be restricted to authorized users. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | CONFIGURATION MANAGEMENT |
| MD3X-00-000330 - If passwords are used for authentication, MongoDB must store only hashed, salted representations of passwords. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-000300 - MongoDB must protect its audit features from unauthorized access. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | AUDIT AND ACCOUNTABILITY |
| MD4X-00-001600 - MongoDB must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | ACCESS CONTROL |
| MD4X-00-001700 - MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | ACCESS CONTROL |
| MD7X-00-003600 MongoDB must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | MongoDB | IDENTIFICATION AND AUTHENTICATION |
| MD7X-00-009200 Security-relevant software updates to MongoDB must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs). | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD8X-00-002800 - The role(s)/group(s) used to modify database structure (including but not necessarily limited to tables, indexes, storage, etc.) and logic modules (stored procedures, functions, triggers, links to software external to MongoDB, etc.) must be restricted to authorized users. | DISA MongoDB Enterprise Advanced 8.x STIG v1r1 MongoDB | MongoDB | CONFIGURATION MANAGEMENT |
| MD8X-00-006800 - MongoDB must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | DISA MongoDB Enterprise Advanced 8.x STIG v1r1 MongoDB | MongoDB | AUDIT AND ACCOUNTABILITY |
| Non-Essential modules should be disabled. 'mod_userdir' | TNS IBM HTTP Server Best Practice Middleware | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-013900 - Oracle Database must enforce the DOD standards for password complexity. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-013900 - The DBMS must support organizational requirements to enforce minimum password length. | DISA Oracle Database 12c STIG v3r5 OracleDB | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O121-C2-014100 - The DBMS must support organizational requirements to enforce password complexity by the number of uppercase characters used. | DISA Oracle Database 12c STIG v3r5 OracleDB | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000220 - OL 9 must have the firewalld package installed. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-251015 - The firewalld service on RHEL 9 must be active. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| StartServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
