| 2.2 Configure the ESXi host firewall to restrict access to services running on the host | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | ACCESS CONTROL |
| 2.4 Ensure the Status Module Is Disabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.4 Ensure the Status Module Is Disabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.4 Ensure the Status Module Is Disabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.8 Ensure the Info Module Is Disabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.8 Ensure the Info Module Is Disabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.8 Ensure the Info Module Is Disabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Ensure Anonymous authentication is denied | CIS Microsoft SharePoint 2019 OS v1.0.0 | Windows | ACCESS CONTROL |
| 4.6 Ensure 'HTTP Trace Method' is disabled - Applications | CIS IIS 7 L1 v1.8.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.4 Ensure Default HTML Content Is Removed - 'Server Status handler does not exist' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Ensure FTP Logon attempt restrictions is enabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | |
| 6.2 Ensure FTP Logon attempt restrictions is enabled - Deny IP Address | CIS IIS 8.0 v1.5.1 Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.3 Install on a dedicated server | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
| 7.3 Ensure the Server's Private Key Is Protected | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL |
| 12.1 Ensure the AppArmor Framework Is Enabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 12.1 Ensure the AppArmor Framework Is Enabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 12.1 Ensure the AppArmor Framework Is Enabled | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000030 - The Apache web server must use cryptography to protect the integrity of remote sessions. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000750 - The Apache web server must generate log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) which are stamped at a minimum granularity of one second | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000750 - The Apache web server must generate log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) which are stamped at a minimum granularity of one second. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U2-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - ssl_module | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W1-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided - SSLProtocol | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W1-000760 - The Apache web server must generate log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) with a minimum granularity of one second - log_config_module | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000760 - The Apache web server must generate log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) with a minimum granularity of one second - LogFormat %t | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | AUDIT AND ACCOUNTABILITY |
| AS24-W1-000760 - The Apache web server must generate log records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT) with a minimum granularity of one second - LogFormat %t | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| DTBI014 - The IE TLS parameter must be set correctly. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO217 - Publishing to a Web Distributed and Authoring (DAV) server must be prevented. | DISA STIG Microsoft Outlook 2013 v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO346 - Untrusted intranet zone access to Project servers must not be allowed. | DISA STIG Microsoft Project 2016 v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| HTTP vs. HTTPS - plaintext | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | CONFIGURATION MANAGEMENT |
| JUSX-DM-000167 - For nonlocal maintenance sessions, the Juniper SRX Services Gateway must explicitly deny the use of J-Web. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| Logging Directives should be restricted to authorized users. - 'CustomLog logs/access_log combined' | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY |
| Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log' | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY |
| Logging Directives should be restricted to authorized users. - 'LogFormat' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| VCFL-67-000030 - vSphere Client must set the secure flag for cookies. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - None | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - None | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - Options None | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - SSL Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | ACCESS CONTROL |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | ACCESS CONTROL |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | ACCESS CONTROL |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - Unsecure Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | ACCESS CONTROL |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - Unsecure Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | ACCESS CONTROL |
| WG340 W22 - A private web server must utilize an approved TLS version. - 'SSLProtocol' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
