| 1.6.4 Configure NTP Authentication | CIS Cisco NX-OS v1.2.0 L2 | Cisco | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 1.7.2 Disable iPXE (Pre-boot eXecution Environment) | CIS Cisco NX-OS v1.2.0 L2 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 2.3 Ensure 'Protect RE' Firewall filter includes Rate-Limiting for Management Services terms | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7 Ensure internal sources are blocked on external networks | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 3.1.4.2 Create and use a single Loopback Address for Routing Protocol Peering | CIS Cisco NX-OS v1.2.0 L2 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.1.4.3 Use Unicast Routing Protocols Only | CIS Cisco NX-OS v1.2.0 L2 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure authentication-type is set to MD5 | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 3.4.2 Configure CDP | CIS Cisco NX-OS v1.2.0 L2 | Cisco | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.8 Disable NFS and RPC - nfslock | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.8 Disable NFS and RPC - portmap | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.9.1 Ensure Secure Neighbor Discovery is configured | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 4.12.1 Ensure LLDP is Disabled if not Required | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | CONFIGURATION MANAGEMENT |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.5 Ensure SNMP Write Access is not set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.6 Ensure AES128 is set for all SNMPv3 users | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.7 Ensure SHA1 is set for SNMPv3 authentication | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 5.9 Ensure SNMP is set to OOB management only | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.2 Ensure at least one SCP Archive Site is configured | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | CONTINGENCY PLANNING |
| 6.7.3 Ensure NTP Boot-Server is set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | AUDIT AND ACCOUNTABILITY |
| 6.7.5 Ensure Authentication Keys are used for all NTP Servers | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 6.10.1.10 Ensure Only Suite B Key Exchange Methods are set for SSH - key-exchange restriction | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.1.13 Ensure SSH Key Authentication is Disabled | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.2.3 Ensure Web-Management is Set to use PKI Certificate for HTTPS | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| 6.10.2.7 Ensure Web-Management Interface Restriction is set to OOB Management | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.10.3.3 Ensure XNM-SSL Rate Limit is Set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.15 Ensure Multicast Echo is Set to Disabled | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| 7.3 Ensure strong authentication is utilized for all accounts | CIS MariaDB 10.6 Database L1 v1.1.0 | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 9.1.1 Verify System File Permissions | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
| ALMA-09-002770 - AlmaLinux OS 9 must log SSH connection attempts and failures to the server. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-003100 - AlmaLinux OS 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH client connections. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-012010 - AlmaLinux OS 9 cron configuration directories must have a mode of 0700 or less permissive. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-028510 - AlmaLinux OS 9 must disable remote management of the chrony daemon. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-034340 - AlmaLinux OS 9 must use the CAC smart card driver. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CIS Amazon Linux Benchmark Level 1 | CIS Amazon Linux v2.1.0 L1 | Unix | |
| CIS Amazon Linux Benchmark Level 2 | CIS Amazon Linux v2.1.0 L2 | Unix | |
| CIS Control 10 (10.4) Protect Backups | CAS Implementation Group 1 Audit File | Unix | CONTINGENCY PLANNING |
| CIS DNS BIND 9.0 - 9.5 v2.0.0 | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| CIS_IBM_DB2_9_v3.0.1_Level_2_OS_Linux.audit from CIS DB2 9 Linux | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 OS Linux | Unix | |
| CIS_Kubernetes_v1.10.0_Level_2_Master.audit from CIS Kubernetes Benchmark v1.10.0 | CIS Kubernetes v1.10.0 L2 Master | Unix | |
| CIS_MariaDB_10.6_Benchmark_v1.1.0_L1_Linux_OS.audit from CIS MariaDB 10.6 Benchmark | CIS MariaDB 10.6 on Linux L1 v1.1.0 | Unix | |
| CIS_MariaDB_10.6_Benchmark_v1.1.0_L2_Database.audit from CIS MariaDB 10.6 Benchmark | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | |
| CIS_NGINX_v2.1.0_Level_1_Loadbalancer.audit from CIS NGINX Benchmark v2.1.0 | CIS NGINX Benchmark v2.1.0 L1 Loadbalancer | Unix | |
| CIS_NGINX_v2.1.0_Level_1_Proxy.audit from CIS NGINX Benchmark v2.1.0 | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | |
| CIS_NGINX_v2.1.0_Level_1_Webserver.audit from CIS NGINX Benchmark v2.1.0 | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | |
| CIS_NGINX_v2.1.0_Level_2_Loadbalancer.audit from CIS NGINX Benchmark v2.1.0 | CIS NGINX Benchmark v2.1.0 L2 Loadbalancer | Unix | |
| CIS_NGINX_v2.1.0_Level_2_Webserver.audit from CIS NGINX Benchmark v2.1.0 | CIS NGINX Benchmark v2.1.0 L2 Webserver | Unix | |
| O112-OS-011200 - The OS must limit privileges to change the DBMS software resident within software libraries (including privileged programs). | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| WG205 W22 - The web document (home) directory must be in a separate partition from the web server's system files. - 'ErrorLog' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | AUDIT AND ACCOUNTABILITY |
