| 1.1.4.1.1 Ensure select data center regions for meetings/webinars hosted by your account is set to enabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.1.5.2 Ensure ask users to integrate Office 365 calendar when they sign in is set to disabled | CIS Zoom L2 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.2.2 Ensure the latest software package is installed | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3.1 Ensure authentication required for single user mode | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.4.1 Enable SELinux in /etc/grub.conf - selinux != 0 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
| 1.6.2 Configure ExecShield - kernel.exec-shield = 1 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.4 Enable XD/NX Support on 32-bit x86 Systems - kernel-PAE | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.13.10 Ensure 'Prompt User To Choose Security Settings If Default settings Fail' is set to Disabled | CIS Microsoft Office Outlook 2013 v1.1.0 Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.8 Remove tftp-server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.10 (L1) Ensure DMARC Records for all Exchange Online domains are published | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.13 Disable chargen-stream | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.14 Disable daytime-dgram | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.18 Disable tcpmux-server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Remove FTP Server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.12 Remove Dovecot (IMAP and POP3 services) | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.5.4 Create /etc/hosts.deny | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.6.1 Disable DCCP | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.6.4 Disable TIPC | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.3 Keep All Auditing Information | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1 Set SSH Protocol to 2 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 7.3 Set Default Group for root Account | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 7.7 Ensure swarm manager auto-lock key is rotated periodically | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | |
| 9.1 Create warnings for physical access services, Check if 'oem-banner' is set in /boot/solaris/bootenv.rc | CIS Solaris 9 v1.3 | Unix | ACCESS CONTROL |
| 18.9.69.2 Ensure 'Turn off the offer to update to the latest version of Windows' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| All network interfaces are operating in full-duplex mode | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-006950 - The AlmaLinux OS 9 debug-shell systemd service must be disabled. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| CD12-00-001800 - PostgreSQL must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| Enable only necessary and secure services, protocols, daemons - 'snapwatchd' | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Enable only necessary and secure services, protocols, daemons - 'sshd' | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| Enable port locking by default on the VM guest network | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Enable remote syslog | TNS Citrix Hypervisor | Unix | AUDIT AND ACCOUNTABILITY |
| EX13-EG-000310 - Exchange software must be installed on a separate partition from the OS. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Install a trusted CA certificate on the pool | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000135 - JBoss ROOT logger must be configured to utilize the appropriate logging level. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000165 - File permissions must be configured to protect log information from any type of unauthorized read access. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000170 - File permissions must be configured to protect log information from unauthorized modification. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000175 - File permissions must be configured to protect log information from unauthorized deletion. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| O112-C2-004400 - OS accounts utilized to run external procedures called by the DBMS must have limited privileges. | DISA STIG Oracle 11.2g v2r5 Windows | Windows | CONFIGURATION MANAGEMENT |
| OH12-1X-000207 - All accounts installed with the web server software and tools must have passwords assigned and default passwords changed. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| Passwords stored in 'secrets' are not visible | TNS Citrix Hypervisor | Unix | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-001800 - PostgreSQL must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-007100 - PostgreSQL must produce audit records containing sufficient information to establish where the events occurred. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PGS9-00-008300 - PostgreSQL must protect the confidentiality and integrity of all information at rest. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-010100 - PostgreSQL must require users to reauthenticate when organization-defined circumstances or situations require reauthentication. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-012600 - PostgreSQL must generate audit records when successful accesses to objects occur. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| XenServer - Enable only necessary and secure services, protocols, daemons - 'lwsmd' | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
