| 1.1.3 (L1) Ensure 'Minimum password age' is set to '1 or more day(s)' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 4.1.7 Ensure login and logout events are collected - /var/log/faillog | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - /var/log/tallylog | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/faillog | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/lastlog | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - utmp | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - wtmp | CIS Ubuntu Linux 18.04 LXD Host L2 Server v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.2.5 Ensure that multifactor authentication is required for risky sign-ins | CIS Microsoft Azure Foundations v4.0.0 L2 | microsoft_azure | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 17.5.4 (L1) Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| 17.5.4 Ensure 'Audit Other Logon/Logoff Events' is set to 'Success and Failure' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| APPL-12-000032 - The macOS system must be configured with dedicated user accounts to decrypt the hard disk upon startup. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL |
| CASA-ND-000120 - The Cisco ASA must be configured to automatically audit account removal actions. | DISA STIG Cisco ASA NDM v2r2 | Cisco | ACCESS CONTROL |
| EPAS-00-000700 - The EDB Postgres Advanced Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | ACCESS CONTROL |
| EX19-MB-000016 - Exchange must have administrator audit logging enabled. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | ACCESS CONTROL |
| FGFW-ND-000010 - The FortiGate device must automatically audit account modification | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| GEN000760 - Accounts must be locked upon 35 days of inactivity. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002751 - The audit system must be configured to audit account modification - 'User audit class assignments should be reviewed' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/config USER_Locked exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002752 - The audit system must be configured to audit account disabling - '/etc/security/audit/events USER_Change exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/config USER_Remove exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| MD7X-00-000200 MongoDB must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | ACCESS CONTROL |
| Monterey - Configure System to Audit All Failed Program Execution on the System | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Monterey - Configure System to Audit All Failed Program Execution on the System | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Monterey - Disable FileVault Automatic Login | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable FileVault Automatic Login | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable FileVault Automatic Login | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-000100 - MySQL Database Server 8.0 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | ACCESS CONTROL |
| O19C-00-018700 - Oracle Database must disable accounts when the accounts have expired. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | ACCESS CONTROL |
| RHEL-08-020270 - RHEL 8 must automatically expire temporary accounts within 72 hours. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| SLES-15-020000 - The SUSE operating system must provision temporary accounts with an expiration date for 72 hours. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 102' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 104' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 105' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 106' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 111' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 113' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 116' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 130' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 133' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 135' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 152' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 170' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 172' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 173' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-001900 - SQL Server must automatically audit account modification - 'Event ID 178' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 14' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 15' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 104' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 105' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-023300 - SQL Server must notify appropriate individuals when accounts are modified - 'Event ID 111' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
