| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.6 Ensure version 7.2 or newer booted with UEFI have a unique name for the grub superusers account - UEFI must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| ESXi : apply-patches | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : config-firewall-access - 'CIM Server allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'DHCPv6 blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'DVSSync blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'NFC allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'NTP Client blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'SNMP Server allowed' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'VM serial port connected over network blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : config-firewall-access - 'vSphere High Availability Agent blocked' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXi : enable-chap-auth | VMWare vSphere 5.X Hardening Guide | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXi : enable-host-profiles | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : esxi-no-self-signed-certs | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : set-shell-interactive-timeout | VMWare vSphere 5.X Hardening Guide | VMware | ACCESS CONTROL |
| ESXi : verify-acceptance-level-certified | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : verify-admin-group | VMWare vSphere 5.X Hardening Guide | VMware | ACCESS CONTROL |
| ESXi : verify-config-files | VMWare vSphere 5.X Hardening Guide | VMware | |
| ESXi : verify-install-media | VMWare vSphere 5.X Hardening Guide | VMware | |
| GEN005260 - X Window System connections not required must be disabled. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| PGS9-00-008000 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008200 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-020530 - X displays must not be exported to the world. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SOL-11.1-020540 - .Xauthority or X*.hosts (or equivalent) file(s) must be used to restrict access to the X server. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SSO : config-ntp | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : config-ntp | VMWare vSphere 5.X Hardening Guide | VMware | AUDIT AND ACCOUNTABILITY |
| vCenter : limit-user-login | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : monitor-certificate-access | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : remove-expired-certificates | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : remove-failed-install-logs | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : secure-vco-file-access | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : verify-client-plugins | VMWare vSphere 5.X Hardening Guide | VMware | |
| vCenter : Verify-RDP-encryption | VMWare vSphere 5.X Hardening Guide | VMware | |
| VCSA : config-ntp | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : enable-bpdu-filter | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : isolate-mgmt-network-airgap | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : isolate-mgmt-network-vlan | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : isolate-vmotion-network-airgap | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : label-vswitches | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : limit-network-healthcheck | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : no-unused-dvports | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : no-vgt-vlan-4095 | VMWare vSphere 5.X Hardening Guide | VMware | CONFIGURATION MANAGEMENT |
| vNetwork : reject-forged-transmit - 'vSwitch' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : reject-mac-changes - 'vSwitch' | VMWare vSphere 5.X Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| vNetwork : restrict-netflow-usage | VMWare vSphere 5.X Hardening Guide | VMware | |
| vNetwork : restrict-portmirror-usage | VMWare vSphere 5.X Hardening Guide | VMware | |
| VUM : audit-vum-login | VMWare vSphere 5.X Hardening Guide | VMware | |
| VUM : isolate-vum-proxy | VMWare vSphere 5.X Hardening Guide | VMware | |
| VUM : no-vum-self-management | VMWare vSphere 5.X Hardening Guide | VMware | |
| WebClient : web-client-timeout | VMWare vSphere 5.X Hardening Guide | VMware | |
