| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 7 v1.1.0 L1 MongoDB | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 6 v1.2.0 L1 MongoDB | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2.1 Ensure 'AUDIT_SYS_OPERATIONS' Is Set to 'TRUE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.2.8 Ensure 'REMOTE_OS_ROLES' Is Set to 'FALSE' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 2.4 Ensure the SharePoint setup account is configured with the minimum privileges on the SQL server. | CIS Microsoft SharePoint 2019 DB v1.0.0 | MS_SQLDB | |
| 2.5 Ensure the SharePoint setup account is configured with the minimum privileges on the SQL server - db_owner | CIS Microsoft SharePoint 2016 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.5 Ensure 'SYS.USER$MIG' Has Been Dropped | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.5 Ensure 'SYS.USER$MIG' Has Been Dropped | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure 'SYS.USER$MIG' Has Been Dropped | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Ensure 'SYS.USER$MIG' Has Been Dropped | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.5 Ensure 'SYS.USER$MIG' Has Been Dropped | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.06 init.ora - 'audit_trail parameter set to OS, DB, DB_EXTENDED, XML, or XML, EXTENDED' | CIS v1.1.0 Oracle 11g OS L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.8 Ensure 'sql_mode' Contains 'STRICT_ALL_TABLES' | CIS MariaDB 10.6 on Linux L2 v1.1.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS SQL Server 2008 R2 DB OS L1 v1.7.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure 'Maximum number of error log files' is set to greater than or equal to '12' | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Encryption' Packages | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on 'Encryption' Packages - Encryption Packages | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.3 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Encryption" Packages | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.2 Ensure 'DBA_SYS_PRIVS.%' Is Revoked from Unauthorized 'GRANTEE' with 'ADMIN_OPTION' Set to 'YES' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.11 Ensure 'ALTER SYSTEM' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.1 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.1 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.1 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.3.3 Ensure 'DBA' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 10.4 Restrict access to the DB2 Activity Monitor utility | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | ACCESS CONTROL |
| 20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.6 Ensure 'Active Directory Group Policy objects are configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| ALMA-09-005080 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-005190 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-012230 - AlmaLinux OS 9 must disable the ability of a user to accidentally press Ctrl-Alt-Del and cause a system to shut down or reboot. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-047100 - The audit package must be installed on AlmaLinux OS 9. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-047540 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/lastlog. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-049080 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /var/log/faillock. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| DB2X-00-010400 - DB2 must generate audit records when security objects are modified | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | AUDIT AND ACCOUNTABILITY |
| MADB-10-005800 - MariaDB and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-001900 - PostgreSQL and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
