| 1.1.1.1 Ensure cramfs kernel module is not available | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure squashfs kernel module is not available | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure squashfs kernel module is not available | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.7 Ensure udf kernel module is not available | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.2.1 Ensure /dev/shm is a separate partition | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.5.1 Ensure separate partition exists for /var/tmp | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.5.2 Ensure nodev option set on /var/tmp partition | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.5.4 Ensure noexec option set on /var/tmp partition | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.6.2 Ensure nodev option set on /var/log partition | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.6.3 Ensure nosuid option set on /var/log partition | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.2.1.3 Ensure repo_gpgcheck is globally activated | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1.3 Ensure repo_gpgcheck is globally activated | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3.1.2 Ensure SELinux is not disabled in bootloader configuration | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.4.2 Ensure access to bootloader config is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.5.2 Ensure ptrace_scope is restricted | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.6.2 Ensure system wide crypto policy is not set in sshd configuration | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.7.1 Ensure message of the day is configured properly | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 1.7.3 Ensure remote login warning banner is configured properly | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 1.7.4 Ensure access to /etc/motd is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.8.6 Ensure GDM automatic mounting of removable media is disabled | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | MEDIA PROTECTION |
| 2.1.6 Ensure samba file server services are not in use | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.13 Ensure rsync services are not in use | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.16 Ensure tftp server services are not in use | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.18 Ensure web server services are not in use | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.22 Ensure only approved services are listening on a network interface | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.4.1.6 Ensure permissions on /etc/cron.monthly are configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.2 Ensure wireless interfaces are disabled | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.1.3 Ensure bluetooth services are not in use | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.2.3 Ensure rds kernel module is not available | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 5.4.3.1 Ensure nologin is not listed in /etc/shells | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 6.3.1.4 Ensure auditd service is enabled and active | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.2 Ensure audit logs are not automatically deleted | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.1 Ensure changes to system administration scope (sudoers) is collected | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.9 Ensure discretionary access control permission modification events are collected | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collected | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collected | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.18 Ensure successful and unsuccessful attempts to use the usermod command are collected | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.19 Ensure kernel module loading unloading and modification is collected | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.4.2 Ensure audit log files mode is configured | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.4 Ensure audit log files group owner is configured | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.4 Ensure audit log files group owner is configured | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.9 Ensure audit tools owner is configured | CIS Oracle Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 18.8.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.8.5.2 Ensure 'Turn On Virtualization Based Security: Select Platform Security Level' is set to 'Secure Boot and DMA Protection' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 DC NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.10.92.4.3 Ensure 'Select when Quality Updates are received' is set to 'Enabled: 0 days' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| CISC-RT-000610 - The MPLS router with RSVP-TE enabled must be configured with message pacing to adjust maximum burst and maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core routers. | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000610 - The MPLS router with RSVP-TE enabled must be configured with message pacing to adjust maximum burst and maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core routers. | DISA Cisco IOS XE Router RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
