Item Search

NameAudit NamePluginCategory
2.2.8 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE'CIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL

2.2.16 Ensure 'SQL92_SECURITY' Is Set to 'TRUE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

2.2.18 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

2.2.18 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE'CIS Oracle Server 12c DB Traditional Auditing v3.0.0OracleDB

ACCESS CONTROL

2.3.7 Ensure 'REMOTE_OS_ROLES' Is Set To 'FALSE'CIS Oracle Database 23ai v1.0.0 L1 RDBMSOracleDB

ACCESS CONTROL

2.4 Enable network password encryptionCIS Sybase 15.0 L1 DB v1.1.0SybaseDB

IDENTIFICATION AND AUTHENTICATION

2.17 Ensure 'clr strict security' Server Configuration Option is set to '1'CIS SQL Server 2022 Database L1 DB v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.17 Ensure 'clr strict security' Server Configuration Option is set to '1'CIS SQL Server 2022 Database L1 AWS RDS v1.1.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

2.18 Ensure 'clr strict security' Server Configuration Option is set to '1'CIS SQL Server 2017 Database L1 AWS RDS v1.3.0MS_SQLDB

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

3.1 Ensure 'Server Authentication' Property is set to 'Windows Authentication Mode'CIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL

4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin RoleCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

ACCESS CONTROL

4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin RoleCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

ACCESS CONTROL

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS SQL Server 2012 Database L1 DB v1.6.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

IDENTIFICATION AND AUTHENTICATION

4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated LoginsCIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

IDENTIFICATION AND AUTHENTICATION

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS SQL Server 2008 R2 DB Engine L1 v1.7.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS SQL Server 2014 Database L1 DB v1.5.0MS_SQLDB

AUDIT AND ACCOUNTABILITY

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDSMS_SQLDB

AUDIT AND ACCOUNTABILITY

5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12'CIS Microsoft SQL Server 2019 v1.5.0 L1 Database EngineMS_SQLDB

AUDIT AND ACCOUNTABILITY

5.1.1.7 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'DBMS_CREDENTIAL' PackageCIS Oracle Server 18c DB Unified Auditing v1.1.0OracleDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.1.1.7 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "DBMS_CREDENTIAL" PackageCIS Oracle Server 19c DB Unified Auditing v1.2.0OracleDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.1.1.7 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "DBMS_CREDENTIAL" PackageCIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY

5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 12c DB Unified Auditing v3.0.0OracleDB

ACCESS CONTROL

5.3.1 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE'CIS Oracle Server 19c DB Traditional Auditing v1.2.0OracleDB

ACCESS CONTROL, MEDIA PROTECTION

6.1.1 Ensure That a MySQL Database Instance Does Not Allow Anyone To Connect With Administrative PrivilegesCIS Google Cloud Platform v3.0.0 L1GCP

IDENTIFICATION AND AUTHENTICATION

7.1.2.7 Ensure that Activity Log Alert exists for Create or Update SQL Server Firewall RuleCIS Microsoft Azure Foundations v4.0.0 L1microsoft_azure

AUDIT AND ACCOUNTABILITY

10.4 Restrict access to the DB2 Activity Monitor utilityCIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS WindowsWindows

ACCESS CONTROL

20.2 Ensure 'Active Directory AdminSDHolder object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DCWindows

ACCESS CONTROL

20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.9 Ensure 'Active Directory RID Manager$ object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

20.9 Ensure 'Active Directory RID Manager$ object is configured with proper audit settings' (STIG DC only)CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DCWindows

AUDIT AND ACCOUNTABILITY

ALMA-09-046770 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/tallylog.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

AUDIT AND ACCOUNTABILITY, MAINTENANCE

DB2X-00-002500 - DB2 must protect its audit features from unauthorized accessDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

DB2X-00-002600 - DB2 must protect its audit configuration from unauthorized modificationDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

AUDIT AND ACCOUNTABILITY

EP11-00-008700 - The EDB Postgres Advanced Server must disable network functions, ports, protocols, and services deemed by the organization to be nonsecure, in accord with the Ports, Protocols, and Services Management (PPSM) guidance.EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4Windows

CONFIGURATION MANAGEMENT

MADB-10-006900 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.DISA MariaDB Enterprise 10.x v2r3 DBMySQLDB

ACCESS CONTROL

MD3X-00-000500 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

SYSTEM AND INFORMATION INTEGRITY

MD4X-00-001000 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it.DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OSUnix

SYSTEM AND INFORMATION INTEGRITY

O121-C2-008300 - The system must provide a real-time alert when organization-defined audit failure events occur.DISA STIG Oracle 12c v3r2 DatabaseOracleDB

AUDIT AND ACCOUNTABILITY

O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts.DISA STIG Oracle 12c v3r2 LinuxUnix

IDENTIFICATION AND AUTHENTICATION

O121-C2-012900 - The DBMS must use multifactor authentication for access to user accounts.DISA STIG Oracle 12c v3r2 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

PPS9-00-002300 - The EDB Postgres Advanced Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

AUDIT AND ACCOUNTABILITY

SP13-00-000175 - The SharePoint setup account must be configured with the minimum privileges on the SQL server.DISA STIG SharePoint 2013 v2r4Windows

CONFIGURATION MANAGEMENT

SQL2-00-002200 - SQL Server must enforce non-DAC policies over users and resources where the policy rule set for each policy specifies access control information (i.e., position, nationality, age, project, time of day) - 'server permissions'DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

ACCESS CONTROL

SQL2-00-015300 - SQL Server must monitor for security-relevant configuration settings to discover unauthorized changes.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

CONFIGURATION MANAGEMENT

SQL2-00-017000 - Unused database components that are integrated in SQL Server and cannot be uninstalled must be disabled.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

CONFIGURATION MANAGEMENT

SQL2-00-017200 - Access to xp_cmdshell must be disabled.DISA STIG SQL Server 2012 DB Instance Security v1r20MS_SQLDB

CONFIGURATION MANAGEMENT