| 1.1.24 Disable Mounting of udf Filesystems - lsmod | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.3.2 Implement Periodic Execution of File Integrity - 0 5 * * * /usr/sbin/aide --check' | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.4.3 Set the SELinux Policy - SELINUXTYPE=targeted | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
| 1.4.6 Check for Unconfined Daemons | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.3 Remove X Windows - /etc/inittab- id:3:initdefault: | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Remove X Windows - X Window System | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.8 Disable NFS and RPC - nfslock | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.9 Remove DNS Server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.4 Log Suspicious Packets - net.ipv4.conf.all.log_martians = 1 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.5 Enable Ignore Broadcast Requests - net.ipv4.icmp_echo_ignore_broadcasts = 1 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.8 Enable TCP SYN Cookies - net.ipv4.tcp_syncookies = 1 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.4.1.2 Disable IPv6 Redirect Acceptance - net.ipv6.conf.default.accept_redirect = 0 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.5.5 Verify Permissions on /etc/hosts.deny | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.6.2 Disable SCTP | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.2 Create and Set Permissions on syslog Log Files - /var/log/unused.log | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 5.2.3 Configure /etc/rsyslog.conf - lpr,news,uucp,local0,local1,local2,local3,local4,local5,local6 /var/log/unused.log | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.4 Create and Set Permissions on rsyslog Log Files - /var/log/unused.log | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.1.2 Disable System on Audit Log Full - space_left_action | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.1.3 Keep All Auditing Information | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.4 Enable Auditing for Processes That Start Prior to auditd | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.7 Record Events That Modify the System's Network Environment - arch=b32 -S sethostname | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.9 Collect Login and Logout Events - /var/log/btmp | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.9 Collect Login and Logout Events - /var/log/tallylog | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.10 Collect Session Initiation Information - /var/run/utmp | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.12 Collect Unsuccessful Unauthorized Access Attempts to Files - arch=b32 EPERM | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.15 Collect File Deletion Events by User - arch=b32 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.17 Collect System Administrator Actions (sudolog) | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.19 Make the Audit Configuration Immutable - -e 2 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/boot.log' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/messages' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/spooler' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.2 Enable cron Daemon | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.5 Set User/Group Owner and Permission on /etc/cron.hourly | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.2.2 Set LogLevel to INFO | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3 Set Permissions on /etc/ssh/sshd_config | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.2.6 Set SSH IgnoreRhosts to Yes | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.8 Disable SSH Root Login | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.2.15 Enable SSH UsePrivilegeSeparation - UsePrivilegeSeparation yes | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.3.3 Use pam_deny.so to Deny Services - include system-auth | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 7.1.2 Set Password Change Minimum Number of Days - 7+ | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.1.3 Set Password Expiring Warning Days - PASS_WARN_AGE >= 7 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 8.1.2 Remove OS Information from Login Warning Banners - /etc/issue | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 8.1.2 Remove OS Information from Login Warning Banners - /etc/issue.net | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 8.2 Set GNOME Warning Banner | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.4 Verify Permissions on /etc/gshadow | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.1.8 Verify User/Group Ownership on /etc/gshadow | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.2.12 Check That Users Are Assigned Valid Home Directories | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 9.2.17 Check for Duplicate User Names | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.2.18 Check for Duplicate Group Names | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.2.19 Check for Presence of User .netrc Files | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
