| 1.1.2 Set nodev option for /tmp Partition | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.8 Create Separate Partition for /var/log/audit | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.10 Add nodev Option to /home | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.11 Add nodev Option to Removable Media Partitions | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.16 Add noexec Option to /dev/shm Partition | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.19 Disable Mounting of freevxfs Filesystems - install freevxfs /bin/true' | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.20 Disable Mounting of jffs2 Filesystems - install jffs2 /bin/true' | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.3 Set Boot Loader Password | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.1 Restrict Core Dumps - * hard core 0' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.4 Enable XD/NX Support on 32-bit x86 Systems - cpuinfo | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.3 Remove rsh-server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.5 Remove NIS Client | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.14 Disable daytime-dgram | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.6 Restrict Published Information (if publishing is required) - publish-address=no | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.8 Disable NFS and RPC - rpcgssd | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.9 Remove DNS Server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.1 Disable Source Routed Packet Acceptance - net.ipv4.conf.all.accept_source_route = 0 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.1 Disable Source Routed Packet Acceptance - net.ipv4.conf.default.accept_source_route = 0 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.5 Enable Ignore Broadcast Requests - net.ipv4.icmp_echo_ignore_broadcasts = 1 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.8 Enable TCP SYN Cookies - net.ipv4.tcp_syncookies = 1 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.4.2 Disable IPv6 - options ipv6 disable=1 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.5.1 Install TCP Wrappers | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5.5 Verify Permissions on /etc/hosts.deny | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.2 Create and Set Permissions on syslog Log Files - /var/log/syslog | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 5.2.4 Create and Set Permissions on rsyslog Log Files - /var/log/daemon.log | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/maillog' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/messages' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.7 Set User/Group Owner and Permission on /etc/cron.weekly | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.1.10 Restrict at/cron to Authorized Users - at.deny | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 7.3 Set Default Group for root Account | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 8.1.2 Remove OS Information from Login Warning Banners - /etc/issue.net | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 8.1.2 Remove OS Information from Login Warning Banners - /etc/motd | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.4 Verify Permissions on /etc/gshadow | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.2.2 Verify No Legacy '+' Entries Exist in /etc/passwd File - + Entries Exist in /etc/passwd File | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.2.3 Verify No Legacy '+' Entries Exist in /etc/shadow File - + Entries Exist in /etc/shadow File | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 9.2.6 Ensure root PATH Integrity | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 9.2.7 Check Permissions on User Home Directories | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.2.15 Check for Duplicate GIDs | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 9.2.17 Check for Duplicate User Names | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.2.20 Check for Presence of User .forward Files | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000344 - The system default umask in /etc/profile must be 077. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000347 - There must be no .netrc files on the system. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000348 - The FTPS/FTP service on the system must be configured with the Department of Defense (DoD) login banner. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - 'password-auth auth [default=die]' | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - 'system-auth auth [default=die]' | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000385 - Audit log directories must have mode 0755 or less permissive. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000521 - The mail system must forward all mail for root to one or more system administrators. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000529 - The sudo command must require authentication - /etc/sudoers.d/* !authenticate | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-020050 - The Red Hat Enterprise Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040500 - The Red Hat Enterprise Linux operating system must, for networked systems, synchronize clocks with a server that is synchronized to one of the redundant United States Naval Observatory (USNO) time servers, a time server designated for the appropriate DoD network (NIPRNet/SIPRNet), and/or the Global Positioning System (GPS). | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
