| AIX7-00-002146 - The AIX /etc/syslog.conf file must have a mode of 0640 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002001 - The macOS system must be configured to disable SMB File Sharing unless it is required. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002050 - The macOS system must disable the Screen Sharing feature. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User directory groups | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User subdirectory Public Access Control Lists | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003051 - The macOS system must be configured so that the su command requires smart card authentication. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-004001 - The macOS system must be configured with system log files owned by root and group-owned by wheel or admin - asl | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CNTR-K8-000950 - The Kubernetes etcd must enforce ports, protocols, and services (PPS) that adhere to the Ports, Protocols, and Services Management Category Assurance List (PPSM CAL). | DISA STIG Kubernetes v2r2 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-K8-001410 - Kubernetes API Server must have the SSL Certificate Authority set. | DISA STIG Kubernetes v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-001430 - Kubernetes Controller Manager must have the SSL Certificate Authority set. | DISA STIG Kubernetes v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-001470 - Kubernetes Kubelet must enable tlsCertFile for client authentication to secure service. | DISA STIG Kubernetes v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-001530 - Kubernetes etcd must have a key file for secure communication. | DISA STIG Kubernetes v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-001540 - Kubernetes etcd must have peer-cert-file set for secure communication. | DISA STIG Kubernetes v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-003330 - The Kubernetes PKI CRT must have file permissions set to 644 or more restrictive. | DISA STIG Kubernetes v2r2 | Unix | CONFIGURATION MANAGEMENT |
| Configuring an automatic logout for idle sessions - Console Sessions | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Unhandled Packet Action | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring the BIG-IP system to exclude inode information from Etags | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| MYS8-00-000300 - MySQL Database Server 8.0 must produce audit records containing sufficient information to establish what type of events occurred. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-001400 - The audit information produced by the MySQL Database Server 8.0 must be protected from unauthorized deletion. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| MYS8-00-001500 - The MySQL Database Server 8.0 must protect against a user falsely repudiating having performed organization-defined actions. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-001600 - The MySQL Database Server 8.0 must be configured to provide audit record generation capability for DoD-defined auditable events within all database components. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-001700 - The MySQL Database Server 8.0 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-001900 - The MySQL Database Server 8.0 must be able to generate audit records when unsuccessful attempts to retrieve privileges/permissions occur. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002000 - The MySQL Database Server 8.0 must be able to generate audit records when security objects are accessed. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002300 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to access categories of information (e.g., classification levels/security levels) occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002800 - The MySQL Database Server 8.0 must generate audit records when security objects are modified. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003300 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to delete privileges/permissions occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003500 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to delete security objects occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003600 - The MySQL Database Server 8.0 must generate audit records when categories of information (e.g., classification levels/security levels) are deleted. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003800 - The MySQL Database Server 8.0 must generate audit records when successful logons or connections occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-011000 - The MySQL Database Server 8.0 must associate organization-defined types of security labels having organization-defined security label values with information in transmission. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | ACCESS CONTROL |
| MYS8-00-011800 - The MySQL Database Server 8.0 must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owner's requirements. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-010010 - Vendor-packaged SUSE operating system security patches and updates must be installed and up to date. | DISA SLES 15 STIG v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SLES-15-010120 - The SUSE operating system must initiate a session lock after a 15-minute period of inactivity for the graphical user interface (GUI). | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL |
| SLES-15-010130 - The SUSE operating system must initiate a session lock after a 10-minute period of inactivity. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL |
| SLES-15-010300 - The sticky bit must be set on all SUSE operating system world-writable directories. | DISA SLES 15 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-020120 - The SUSE operating system must display the date and time of the last successful account logon upon an SSH logon. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL |
| SLES-15-020290 - The SUSE operating system must prevent the use of dictionary words for passwords. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-030570 - The Information System Security Officer (ISSO) and System Administrator (SA), at a minimum, must be alerted of a SUSE operating system audit processing failure event. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030780 - The SUSE operating system must generate audit records for the /var/log/btmp file. | DISA SLES 15 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-030820 - The SUSE operating system must not disable syscall auditing. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040080 - All SUSE operating system local interactive user home directories defined in the /etc/passwd file must exist. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040090 - All SUSE operating system local interactive user home directories must have mode 0750 or less permissive. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040220 - The SUSE operating system must be configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040250 - The SUSE operating system SSH daemon private host key files must have mode 0640 or less permissive. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040260 - The SUSE operating system SSH daemon must perform strict mode checking of home directory configuration files. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040290 - The SUSE operating system SSH daemon must disable forwarded remote X connections for interactive users, unless to fulfill documented and validated mission requirements. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040350 - The SUSE operating system must not allow interfaces to accept Internet Protocol version 6 (IPv6) Internet Control Message Protocol (ICMP) redirect messages by default. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040360 - The SUSE operating system must not allow interfaces to send Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages by default. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040381 - The SUSE operating system must not be performing Internet Protocol version 6 (IPv6) packet forwarding unless the system is a router. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
