| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled | CIS CentOS Linux 8 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.7 Ensure the default ulimit is configured appropriately | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7 Set default ulimit as appropriate - default-ulimit | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.10 Set default ulimit as appropriate '--default-ulimit' | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4.1.1 Ensure ufw is installed | CIS Ubuntu Linux 20.04 LTS Workstation L1 v2.0.1 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4.1.1 Ensure ufw is installed | CIS Debian 10 Server L1 v2.0.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Ubuntu Linux 18.04 LXD Container L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host | CIS Debian 8 Server L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.4 Ensure rsyslog is configured to send logs to a remote log host | CIS Debian 9 Server L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Fedora 19 Family Linux Workstation L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS CentOS Linux 8 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS CentOS Linux 8 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS AlmaLinux OS 8 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Oracle Linux 7 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Rocky Linux 8 Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Amazon Linux 2 v3.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.2.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.7 Do not map privileged ports within containers | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | |
| 5.15 Do not share the host's process namespace | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.3.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.6 Ensure rsyslog is configured to send logs to a remote log host | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.6 Ensure rsyslog is configured to send logs to a remote log host | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure mounting of cramfs filesystems is disabled - lsmod | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure mounting of cramfs filesystems is disabled - modprobe | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN000000-LNX00800 - Use a Linux Security Module configured to limit the privileges of system services - 'SELINUX = enforcing' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-040400 - The Oracle Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms - MACs employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Oracle Linux 7 STIG v3r2 | Unix | ACCESS CONTROL |
| RHEL-08-040140 - RHEL 8 must block unauthorized peripherals before establishing a connection. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-040159 - All RHEL 8 networked systems must have SSH installed. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-040180 - The debug-shell systemd service must be disabled on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040239 - RHEL 8 must not forward IPv4 source-routed packets. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040259 - RHEL 8 must not enable IPv4 packet forwarding unless the system is a router. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040261 - RHEL 8 must not accept router advertisements on all IPv6 interfaces. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040282 - RHEL 8 must restrict usage of ptrace to descendant processes. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040290 - RHEL 8 must be configured to prevent unrestricted mail relaying. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040300 - The RHEL 8 file integrity tool must be configured to verify extended attributes. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040310 - The RHEL 8 file integrity tool must be configured to verify Access Control Lists (ACLs). | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040320 - The graphical display manager must not be installed on RHEL 8 unless approved. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
