| 2.16 Ensure 'AUTO_CLOSE' is set to 'OFF' on contained databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| 9.9 Secure plug-in library locations - group | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| Buffer overflow protection should be configured 'LimitRequestBody' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Buffer overflow protection should be configured 'LimitRequestFieldsize' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Buffer overflow protection should be configured 'LimitRequestline' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| CGI-BIN directory should be disabled. 'Addmodule mod_cgi.c' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'Addmodule mod_cgi.c' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'Directory' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'LoadModule env_module' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| CGI-BIN directory should be disabled. 'ScriptAlias' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvclean.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvnames.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvscan.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| File permissions in the root document should only be accessible by administrator | TNS IBM HTTP Server Best Practice | Windows | |
| HTTP TRACE method should be disabled. 'RewriteCond' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteEngine' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteLog' | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY |
| HTTP TRACE method should be disabled. 'RewriteLogLevel' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteRule' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'RewriteRule' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| HTTP TRACE method should be disabled. 'TraceEnable' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Keep Alive setting parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| Keep Alive setting parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Keep Alive Timeout setting value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| Latest Patches/Fixes should be installed | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Limit HTTP methods allowed by the Web Server. | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Logging Directives should be restricted to authorized users. - 'CustomLog logs/access_log combined' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| Logging Directives should be restricted to authorized users. - 'ErrorLog logs/error_log' | TNS IBM HTTP Server Best Practice | Unix | AUDIT AND ACCOUNTABILITY |
| Logs containing auditing information should be secured at the directory level. | TNS IBM HTTP Server Best Practice | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| MaxClients parameter value should be configured to appropriate value. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxKeepAliveRequests parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MaxSpareServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MinSpareServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Non-Essential modules should be disabled. 'mod_autoindex' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_autoindex' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_dav' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_dav' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_include' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_include' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_status' | TNS IBM HTTP Server Best Practice | Windows | CONFIGURATION MANAGEMENT |
| Non-Essential modules should be disabled. 'mod_userdir' | TNS IBM HTTP Server Best Practice | Unix | CONFIGURATION MANAGEMENT |
| Server version information parameters should be turned off - 'ServerSignature Off' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Server version information parameters should be turned off - 'ServerTokens Prod' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| StartServers parameter value should be appropriately configured. | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| TCAT-AS-001470 - Tomcat server must be patched for security vulnerabilities. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Timeout value parameter value should be appropriately configured | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| User IDs which disclose the privileges associated with it, should not be created. | TNS IBM HTTP Server Best Practice | Windows | ACCESS CONTROL |
| User IDs which disclose the privileges associated with it, should not be created. 'lock' | TNS IBM HTTP Server Best Practice | Unix | ACCESS CONTROL |
| User IDs which disclose the privileges associated with it, should not be created. 'nologin' | TNS IBM HTTP Server Best Practice | Unix | ACCESS CONTROL |
