| 1.1.1.3 Ensure hfs kernel module is not available | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.4 Ensure hfsplus kernel module is not available | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.9 Ensure unused filesystems kernel modules are not available | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.1.2 Ensure nodev option set on /tmp partition | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.3.2 Ensure nodev option set on /home partition | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.4.2 Ensure nodev option set on /var partition | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.6.2 Ensure nodev option set on /var/log partition | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.2.1.2 Ensure gpgcheck is globally activated | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3.1.2 Ensure SELinux is not disabled in bootloader configuration | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.6.2 Ensure system wide crypto policy is not set in sshd configuration | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.3 Ensure system wide crypto policy disables sha1 hash and signature support | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.4 Ensure system wide crypto policy disables macs less than 128 bits | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.5 Ensure system wide crypto policy disables cbc for ssh | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6.6 Ensure system wide crypto policy disables chacha20-poly1305 for ssh | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.7.2 Ensure local login warning banner is configured properly | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL |
| 2.1.8 Ensure message access server services are not in use | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.12 Ensure rpcbind services are not in use | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.16 Ensure tftp server services are not in use | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.21 Ensure mail transfer agents are configured for local-only mode | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.4.1.1 Ensure cron daemon is enabled and active | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.1.1 Ensure IPv6 status is identified | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 3.3.1 Ensure ip forwarding is disabled | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.3 Ensure bogus icmp responses are ignored | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.9 Ensure suspicious packets are logged | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3.1 Ensure nftables base chains exist | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.4 Ensure nftables loopback traffic is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.4 Ensure nftables loopback traffic is configured | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.2 Ensure permissions on SSH private host key files are configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure sshd KexAlgorithms is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.8 Ensure sshd Banner is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.1.9 Ensure sshd ClientAliveInterval and ClientAliveCountMax are configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.1.17 Ensure sshd MaxStartups is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.1.19 Ensure sshd PermitEmptyPasswords is disabled | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.2 Ensure sudo commands use pty | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.2.5 Ensure re-authentication for privilege escalation is not disabled globally | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.3.1.1 Ensure latest version of pam is installed | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.2.4 Ensure pam_pwhistory module is enabled | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.1.1 Ensure password failed attempts lockout is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.3.3.2.1 Ensure password number of changed characters is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure password length is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.3.2 Ensure password history is enforced for the root user | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.2.3 Ensure group root is the only GID 0 group | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.4.3.2 Ensure default user shell timeout is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 6.1.2 Ensure filesystem integrity is regularly checked | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.2.3.7 Ensure rsyslog is not configured to receive logs from a remote client | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 6.2.3.8 Ensure rsyslog logrotate is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 7.1.2 Ensure permissions on /etc/passwd- are configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.8 Ensure permissions on /etc/gshadow- are configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.12 Ensure no files or directories without an owner and a group exist | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.5 Ensure no duplicate GIDs exist | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
