| 6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AIX7-00-003098 - AIX must allow admins to send a message to all the users who logged in currently. | DISA STIG AIX 7.x v2r9 | Unix | ACCESS CONTROL |
| AIX7-00-003102 - AIX must turn on enhanced Role-Based Access Control (RBAC) to isolate security functions from nonsecurity functions, to grant system privileges to other operating system admins, and prohibit user installation of system software without explicit privileged status. | DISA STIG AIX 7.x v2r9 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccess | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member access | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| MD3X-00-000570 - MongoDB must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG MongoDB Enterprise Advanced 3.x v2r2 DB | MongoDB | ACCESS CONTROL |
| O112-C2-003000 - The DBMS must enforce Discretionary Access Control (DAC) policy allowing users to specify and control sharing by named individuals, groups of individuals, or by both, limiting propagation of access rights and includes or excludes access to the granularity of a single user. | DISA STIG Oracle 11.2g v2r4 Database | OracleDB | ACCESS CONTROL |
| O112-C2-006700 - A DBMS utilizing Discretionary Access Control (DAC) must enforce a policy that includes or excludes access to the granularity of a single user. | DISA STIG Oracle 11.2g v2r4 Database | OracleDB | ACCESS CONTROL |
| O121-C2-003000 - The DBMS must enforce Discretionary Access Control (DAC) policy allowing users to specify and control sharing by named individuals, groups of individuals, or by both, limiting propagation of access rights and including or excluding access to the granularity of a single user. | DISA STIG Oracle 12c v2r9 Database | OracleDB | ACCESS CONTROL |
| O121-C2-006600 - Databases utilizing Discretionary Access Control (DAC) must enforce a policy that limits propagation of access rights. | DISA STIG Oracle 12c v2r9 Database | OracleDB | ACCESS CONTROL |
| O121-C2-006700 - A DBMS utilizing Discretionary Access Control (DAC) must enforce a policy that includes or excludes access to the granularity of a single user. | DISA STIG Oracle 12c v2r9 Database | OracleDB | ACCESS CONTROL |
| OL07-00-020020 - The Oracle Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-020210 - The Oracle Linux operating system must enable SELinux. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-002200 - PostgreSQL must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG PostgreSQL 9.x on RHEL OS v2r4 | Unix | ACCESS CONTROL |
| RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000023 - The system must use a Linux Security Module configured to limit the privileges of system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000025 - All device files must be monitored by the system Linux Security Module. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-07-010010 - The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| RHEL-07-020020 - The Red Hat Enterprise Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | ACCESS CONTROL |
| RHEL-07-020210 - The Red Hat Enterprise Linux operating system must enable SELinux. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-020220 - The Red Hat Enterprise Linux operating system must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-213030 - RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | ACCESS CONTROL |
| RHEL-09-213035 - RHEL 9 must enable kernel parameters to enforce discretionary access control on symlinks. | DISA Red Hat Enterprise Linux 9 STIG v1r3 | Unix | ACCESS CONTROL |
| SLES-12-010600 - The SUSE operating system Apparmor tool must be configured to control whitelisted applications and user home directory access control. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SLES-15-010390 - SUSE operating system AppArmor tool must be configured to control whitelisted applications and user home directory access control. | DISA SLES 15 STIG v1r12 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| UBTU-16-010600 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures - apparmor_status | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-16-010600 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures - libpam-apparmor | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-18-010437 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA STIG Ubuntu 18.04 LTS v2r14 | Unix | ACCESS CONTROL |
| UBTU-20-010439 - The Ubuntu operating system must be configured to use AppArmor. | DISA STIG Ubuntu 20.04 LTS v1r12 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN12-GE-000006 - Permissions for system drive root directory (usually C:\) must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000007 - Permissions for program file directories must conform to minimum requirements | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000008 - Permissions for Windows installation directory must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN12-GE-000008 - Permissions for Windows installation directory must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN16-00-000180 - Permissions for the Windows installation directory must conform to minimum requirements. | DISA Windows Server 2016 STIG v2r8 | Windows | ACCESS CONTROL |
| WN19-00-000160 - Windows Server 2019 permissions for the Windows installation directory must conform to minimum requirements. | DISA Windows Server 2019 STIG v2r9 | Windows | ACCESS CONTROL |
