| 3.2 Configure Security Auditing Flags per local organizational requirements - 'audit successful/failed file attribute modification events' | CIS Apple macOS 10.13 L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.5 Review User-Defined Roles | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.5 Review User-Defined Roles | CIS MongoDB 3.4 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - dbAdminAnyDatabase | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - readWriteAnyDatabase | CIS MongoDB 3.4 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - userAdmin | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | ACCESS CONTROL |
| 6.2.1 Ensure the 'CREATE USER' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.1 Ensure the 'CREATE USER' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.2 Ensure the 'ALTER USER' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.2 Ensure the 'ALTER USER' Action Audit Is Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.4 Ensure the 'CREATE ROLE' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.4 Ensure the 'CREATE ROLE' Action Audit Is Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.5 Ensure the 'ALTER ROLE' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.5 Ensure the 'ALTER ROLE' Action Audit Is Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.5 Ensure the 'ALTER ROLE' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.6 Ensure the 'DROP ROLE' Action Audit Is Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.6 Ensure the 'DROP ROLE' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.9 Ensure the 'CREATE PROFILE' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.9 Ensure the 'CREATE PROFILE' Action Audit Is Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.9 Ensure the 'CREATE PROFILE' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.10 Ensure the 'ALTER PROFILE' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.10 Ensure the 'ALTER PROFILE' Action Audit Is Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.10 Ensure the 'ALTER PROFILE' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.11 Ensure the 'DROP PROFILE' Action Audit Is Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.11 Ensure the 'DROP PROFILE' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.11 Ensure the 'DROP PROFILE' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.15 Ensure the 'CREATE SYNONYM' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.16 Ensure the 'ALTER SYNONYM' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.16 Ensure the 'ALTER SYNONYM' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.17 Ensure the 'DROP SYNONYM' Action Audit Is Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.23 Ensure the 'ALTER SYSTEM' Privilege Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.24 Ensure the 'CREATE TRIGGER' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.24 Ensure the 'CREATE TRIGGER' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.25 Ensure the 'ALTER TRIGGER' Action Audit IS Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.25 Ensure the 'ALTER TRIGGER' Action Audit IS Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.25 Ensure the 'ALTER TRIGGER' Action Audit IS Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.26 Ensure the 'DROP TRIGGER' Action Audit Is Enabled | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.48 Ensure 'Permissions for the Application Event Log must prevent access by non-privileged accounts' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| ALMA-09-055900 - AlmaLinux OS 9 audit logs must be owned by the root group to prevent unauthorized read access. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001016 The macOS system must configure audit log files to mode 440 or less permissive. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001140 The macOS system must configure audit_control to not contain access control lists. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001110 - The macOS system must configure audit_control group to wheel. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001120 - The macOS system must configure audit_control owner to root. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000312 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the SecureProxy directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000314 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the WebLogicSSLVersion directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010141 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require a unique superusers name upon booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | ACCESS CONTROL |
| SLES-15-030070 - The SUSE operating system must generate audit records for all uses of the passwd command. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020770 - Successful/unsuccessful uses of the unix_update command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| WDNS-AU-000005 - The Windows 2012 DNS Server log must be enabled. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
