| 2.2.3 Ensure 'ALLOWED_WEAK_CERT_ALGORITHMS' Is NOT Set | CIS Oracle Database 23ai v1.0.0 L1 RDBMS On Linux Host OS | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4.3 Ensure RDS is disabled - lsmod | CIS Debian 8 Workstation L1 v2.0.2 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4.3 Ensure RDS is disabled - lsmod | CIS Distribution Independent Linux Server L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.4.3 Ensure RDS is disabled - lsmod | CIS Distribution Independent Linux Workstation L2 v2.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.5.3 Ensure RDS is disabled | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.2.4 Ensure access on /audit and /etc/security/audit is configured | CIS IBM AIX 7 v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.10.5.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.10.5.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.2.1 Ensure '%ANY%' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 5.2.5 Ensure 'SELECT ANY DICTIONARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 5.2.10 Ensure 'CREATE PROCEDURE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 9.2 Verify System File Permissions | CIS Solaris 11.2 L1 v1.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 18.8.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.8.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 (L1) Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2016 v3.0.0 L1 DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 Domain Controller | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.4.2 Ensure 'Remote host allows delegation of non-exportable credentials' is set to 'Enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.9.24.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - Acrobat.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - AcroRd32.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - POWERPNT.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - Acrobat.exe | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - INFOPATH.exe | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - java.exe | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - javaw.exe | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - MSPUB.exe | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - OIS.exe | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - PPTVIEW.EXE | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - wordpad.exe | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| ALMA-09-003980 - AlmaLinux OS 9 must implement DOD-approved encryption in the OpenSSL package. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-007170 - AlmaLinux OS 9 must enable kernel parameters to enforce discretionary access control (DAC) on symlinks. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-040940 - AlmaLinux OS 9 must restrict usage of ptrace to descendant processes. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS Amazon Linux Benchmark Level 1 | CIS Amazon Linux v2.1.0 L1 | Unix | |
| CIS_Kubernetes_v1.11.1_L2_Worker_Node.audit from CIS Kubernetes Benchmark v1.11.1 | CIS Kubernetes v1.11.1 L2 Worker Node | Unix | |
| CIS_MariaDB_10.6_Benchmark_v1.1.0_L2_Database.audit from CIS MariaDB 10.6 Benchmark | CIS MariaDB 10.6 Database L2 v1.1.0 | MySQLDB | |
| CIS_NGINX_v2.1.0_Level_1_Webserver.audit from CIS NGINX Benchmark v2.1.0 | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | |
| CISC-RT-000610 - The MPLS switch with RSVP-TE enabled must be configured with message pacing to adjust maximum burst and maximum number of RSVP messages to an output queue based on the link speed and input queue size of adjacent core switches. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN007480 - The Reliable Datagram Sockets (RDS) protocol must be disabled or not installed unless required. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-040320 - The Oracle Linux operating system must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Oracle Linux 7 STIG v3r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-611040 - RHEL 9 must ensure the password complexity module is enabled in the password-auth file. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
