| 1.1 Ensure Latest SQL Server Service Packs and Hotfixes are Installed | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | SYSTEM AND SERVICES ACQUISITION |
| 2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'OS', 'DB', 'XML', 'DB,EXTENDED', or 'XML,EXTENDED' | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | |
| 2.2.4 Ensure 'OS_ROLES' Is Set to 'FALSE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 2.6 Ensure 'Remote Access' Server Configuration Option is set to '0' | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.6 Ensure the SharePoint farm service account (database access account) is configured with the minimum privileges on the SQL server - Owner | CIS Microsoft SharePoint 2016 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| 2.8 Ensure 'Scan For Startup Procs' Server Configuration Option is set to '0' | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.8 Ensure 'Scan For Startup Procs' Server Configuration Option is set to '0' | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.16 Ensure no login exists with the name 'sa' | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL |
| 3.7 Ensure the SQL Server's Full-Text Service Account is Not an Administrator | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL |
| 3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 4.1 Ensure 'MUST_CHANGE' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| 4.2 Ensure 'CHECK_EXPIRATION' Option is set to 'ON' for All SQL Authenticated Logins Within the Sysadmin Role | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | ACCESS CONTROL |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 5.2 Ensure External File System Access is disabled - enable file access | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | |
| 6.2 Ensure 'CLR Assembly Permission Set' is set to 'SAFE_ACCESS' for All CLR Assemblies | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| DG0098-ORACLE11 - ccess to external objects should be disabled if not required and authorized - 'utl_file_dir does not include *' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O112-BP-022200 - The Oracle password file ownership and permissions should be limited and the REMOTE_LOGIN_PASSWORDFILE parameter must be set to EXCLUSIVE or NONE. | DISA STIG Oracle 11.2g v2r5 Windows | Windows | CONFIGURATION MANAGEMENT |
| O112-BP-022200 - The Oracle password file ownership and permissions should be limited and the REMOTE_LOGIN_PASSWORDFILE parameter must be set to EXCLUSIVE or NONE. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O112-BP-022200 - The Oracle password file ownership and permissions should be limited and the REMOTE_LOGIN_PASSWORDFILE parameter must be set to EXCLUSIVE or NONE. | DISA STIG Oracle 11.2g v2r5 Linux | Unix | CONFIGURATION MANAGEMENT |
| O121-BP-022200 - The Oracle password file ownership and permissions should be limited and the REMOTE_LOGIN_PASSWORDFILE parameter must be set to EXCLUSIVE or NONE. | DISA STIG Oracle 12c v3r2 Windows | Windows | CONFIGURATION MANAGEMENT |
| OL07-00-030210 - The Oracle Linux operating system must take appropriate action when the remote logging buffer is full. | DISA Oracle Linux 7 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| PGS9-00-002700 - PostgreSQL must provide an immediate real-time alert to appropriate support staff of all audit log failures. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-000100 - The number of concurrent SQL Server sessions for each system account must be limited. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 15' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 102' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 103' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 104' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 105' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 106' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 110' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 111' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 113' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 116' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 117' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 128' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 130' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 132' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 133' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 135' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 152' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 170' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 171' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 172' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 173' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 176' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 178' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
