| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.6 Ensure version 7.2 or newer booted with UEFI have a unique name for the grub superusers account - UEFI must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| ESXi : config-firewall-access - 'CIM SLP allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'Fault Tolerance blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'gdbserver blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'HBR allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'httpClient blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'syslog blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'VMware vCenter Agent allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'vSphere Web Access allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'WOL allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-ntp | VMWare vSphere 5.X Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
| ESXi : disable-esxi-shell | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| ESXi : disable-mob | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : disable-ssh | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| ESXi : enable-ad-auth | VMWare vSphere 5.X Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXi : enable-nfc-ssl | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : enable-remote-dump | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : remove-authorized-keys | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : remove-revoked-certificates | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : set-dcui-access | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : set-password-complexity | VMWare vSphere 5.X Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXi : set-shell-timeout | VMWare vSphere 5.X Hardening Guide | VMware | ACCESS CONTROL |
| ESXi : unique-chap-secrets | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : verify-acceptance-level-supported | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : verify-kernel-modules | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : vmdk-zero-out | VMWare vSphere 5.X Hardening Guide | VMware | |
| GEN005260 - X Window System connections not required must be disabled. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| PGS9-00-008000 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008200 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SSO : no-SSO-self-signed-certs | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : apply-os-patches | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : install-with-service-account | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : monitor-admin-assignment | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : remove-revoked-certificates | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : restrict-admin-privilege | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : restrict-network-access | VMWare vSphere 5.X Hardening Guide | VMware | |
| VM : minimize-console-use | VMWare vSphere 5.X Hardening Guide | VMware | |
| VM : minimize-console-VNC-use | VMWare vSphere 5.X Hardening Guide | VMware | |
| VM : secure-guest-os | VMWare vSphere 5.X Hardening Guide | VMware | |
| VM : use-secure-serial-communication | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : document-pvlans | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : limit-network-healthcheck | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : no-vgt-vlan-4095 | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| vNetwork : reject-mac-changes - 'vSwitch' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VUM : isolate-vum-airgap | VMWare vSphere 5.X Hardening Guide | VMware | |
| VUM : isolate-vum-webserver | VMWare vSphere 5.X Hardening Guide | VMware | |
| VUM : limit-vum-users | VMWare vSphere 5.X Hardening Guide | VMware | |
| VUM : no-vum-self-signed-certs | VMWare vSphere 5.X Hardening Guide | VMware | |
| VUM : patch-vum-os | VMWare vSphere 5.X Hardening Guide | VMware | |
