| 1.2.7 Verify Package Integrity Using RPM | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.10 Use login triggers to validate users IP addresses - exec sp_displaylogin <Login_Name> | CIS Sybase 15.0 L2 DB v1.1.0 | SybaseDB | |
| 1.10 Use login triggers to validate users IP addresses - exec sp_logintrigger | CIS Sybase 15.0 L2 DB v1.1.0 | SybaseDB | |
| 2.1.1 Ensure 'extproc' Is Not Present in 'listener.ora' | CIS Oracle Server 19c Linux v1.2.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.1 Ensure 'extproc' Is Not Present in 'listener.ora' | CIS Oracle Server 19c Windows v1.2.0 | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora' | CIS Oracle Server 12c Linux v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.8 Remove tftp-server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.10 Remove talk-server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 5 L1 OS Windows v1.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 2.2.17 Ensure 'PDB_OS_CREDENTIAL' is NOT null | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 2.16 Ensure no login exists with the name 'sa' | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure no login exists with the name 'sa' | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.6 Ensure the SQL Server's SQLAgent Service Account is Not an Administrator | CIS Microsoft SQL Server 2019 v1.5.0 L1 AWS RDS | MS_SQLDB | ACCESS CONTROL |
| 3.6 Ensure the SQL Server's SQLAgent Service Account is Not an Administrator | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | ACCESS CONTROL |
| 3.6 Ensure the SQL Server's SQLAgent Service Account is Not an Administrator | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | ACCESS CONTROL |
| 3.8 Ensure only the default permissions specified by Microsoft are granted to the public server role | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | ACCESS CONTROL |
| 4.3 Enable auditing - auditing of security-related events | CIS Sybase 15.0 L1 DB v1.1.0 | SybaseDB | AUDIT AND ACCOUNTABILITY |
| 4.3 Ensure 'CHECK_POLICY' Option is set to 'ON' for All SQL Authenticated Logins | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any User | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any User | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 5.2 Enable 'ALTER USER' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.8 Enable 'DROP PROFILE' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.11 Enable 'PUBLIC SYNONYM' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.12 Enable 'SYNONYM' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.13 Enable 'GRANT DIRECTORY' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.19 Enable 'PROCEDURE' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 9.2.6 Ensure root PATH Integrity | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 12.18 Location of development database - 'Separate server from production database' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 12.18 Location of development database - 'Separate server from production database' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 17.4.2 Ensure 'Audit Directory Service Access' is set to include 'Success and Failure' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.4.2 Ensure 'Audit Directory Service Access' is set to include 'Success and Failure' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 17.4.3 Ensure 'Audit Directory Service Access' is set to include 'Success and Failure' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| ALMA-09-022570 - AlmaLinux OS 9 must prevent a user from overriding the disable-restart-buttons setting for the graphical user interface. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| CD12-00-003600 - Execution of software modules (to include functions and trigger procedures) with elevated privileges must be restricted to necessary cases only. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | ACCESS CONTROL |
| DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-005800 - Access to database files must be limited to relevant processes and to authorized, administrative users | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_STIG_SharePoint_2010_v1r9.audit from DISA SharePoint 2010 v1r9 | DISA STIG SharePoint 2010 v1r9 | Windows | |
| DO0157-ORACLE11 - Database application user accounts should be denied storage usage for object creation within the database. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000490 - MongoDB must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD4X-00-004100 - MongoDB must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD7X-00-003900 If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-005100 - If passwords are used for authentication, the MySQL Database Server 8.0 must store only hashed, salted representations of passwords. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-011800 - Database administrator (DBA) OS accounts must be granted only those host system privileges necessary for the administration of the Oracle Database. | DISA Oracle Database 19c STIG v1r1 Unix | Unix | CONFIGURATION MANAGEMENT |
| PGS9-00-003600 - Execution of software modules (to include functions and trigger procedures) with elevated privileges must be restricted to necessary cases only. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | ACCESS CONTROL |
| SQL2-00-018900 - SQL Server must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users) - or processes acting as non-organizational users. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
