| 2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB 3.6 L2 Unix Audit v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CIS MongoDB 3.2 L2 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB 3.4 L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - hostManager | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - userAdminAnyDatabase | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - userAdminAnyDatabase | CIS MongoDB 3.4 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 4.1 Ensure Encryption of Data in Transit TLS/SSL (Transport Encryption) | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.4.11 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.4.11 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.2.4.11 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Debian 10 Server L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.3.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Red Hat EL8 Workstation L1 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.3.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Rocky Linux 8 Workstation L1 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.1.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.1.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.1.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.1.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 3.6 L2 Unix Audit v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 6.4 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 3.4 L2 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.5 Ensure The 'test' database is not installed | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | CONFIGURATION MANAGEMENT |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 7.2 Ensure that database file permissions are set correctly | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-057110 - AlmaLinux OS 9 audit system must protect auditing rules from unauthorized change. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-13-001355 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-15-001010 - The macOS system must shut down by default upon audit failure (unless availability is an overriding concern). | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | AUDIT AND ACCOUNTABILITY |
| Configuring an automatic logout for idle sessions - TMSH | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - enabled | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring LDAP remote authentication for Active Directory - Servers | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Disabling the root shell login account | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Mitigating risk from SSH brute force login attacks - Monitor login attempts | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Modifying the list of ciphers and MAC and key exchange algorithms used by the SSH service on the BIG-IP system or BIG-IQ system | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| PPS9-00-010400 - The EDB Postgres Advanced Server must generate audit records when privileges/permissions are added. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011100 - Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011150 - Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011500 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to delete security objects occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011600 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011800 - The EDB Postgres Advanced Server must generate audit records when successful logons or connections occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-012300 - The EDB Postgres Advanced Server must generate audit records when concurrent logons/connections by the same user from different workstations occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| Restricting access to the Configuration utility by source IP address | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-030650 - RHEL 8 must use cryptographic mechanisms to protect the integrity of audit tools. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| Specifying allowable IP ranges for SSH access | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - audispd | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - ausearch | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-651030 - Ubuntu 22.04 LTS must use cryptographic mechanisms to protect the integrity of audit tools. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000510 - The System event log size must be configured to 32768 KB or greater. | DISA Microsoft Windows 10 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000500 - The Application event log size must be configured to 32768 KB or greater. | DISA Microsoft Windows 11 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
