| 1.1.2.1.4 Have at least 1 number (1, 2, 3...) | CIS Zoom L1 v1.0.0 | Zoom | CONFIGURATION MANAGEMENT |
| 1.1.4 Set noexec option for /tmp Partition | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.10 Add nodev Option to /home | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.11 Add nodev Option to Removable Media Partitions | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.16 Add noexec Option to /dev/shm Partition | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.2.3 Verify that gpgcheck is Globally Activated | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.6 Obtain Software Package Updates with yum | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.2.7 Verify Package Integrity Using RPM | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.4.10 Ensure GRUB 2 is configured to disable vsyscalls | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.5 Ensure kernel.dmesg_restrict is configured | CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.8 Ensure DNS is servers are configured - nameserver 2 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.6.3 Enable Randomized Virtual Memory Region Placement - kernel.randomize_va_space = 2 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.6.2.5 Ensure 'Trust Access to Visual Basic Project' is set to Disabled | CIS Microsoft Office PowerPoint 2013 v1.0.1 | Windows | CONFIGURATION MANAGEMENT |
| 1.8.18 Ensure graphical user interface automounter is disabled - automount-open=false | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.20 Ensure 'Screen timeout' is set to '2 minutes' | MobileIron - CIS Google Android v1.6.0 L1 | MDM | ACCESS CONTROL |
| 2 - Remove or Disable Example Content - enable-welcome-root | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| 2.1.5 Remove NIS Client | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.17 Disable echo-stream | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure X11 Server components are not installed - rpm | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.10 Ensure IMAP and POP3 server are not installed | CIS Debian Linux 10 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.19 Ensure FIPS 140-2 OpenSSL Cryptography Is Used | CIS Oracle MySQL Community Server 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.19 Ensure FIPS 140-2 OpenSSL Cryptography Is Used | CIS Oracle MySQL Enterprise Edition 8.4 v1.1.0 L1 MySQL RDBMS on Linux MySQLDB | MySQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.1 Disable Avahi Server | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.6 Restrict Published Information (if publishing is required) - disable-user-service-publishing=yes | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Enable Strong TCP Sequence Number Generation - TCP_STRONG_ISS = 2 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 Enable Strong TCP Sequence Number Generation - TCP_STRONG_ISS = 2 | CIS Solaris 11 L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4 Disable Print Server - CUPS | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.8 Disable NFS and RPC - rpcidmapd | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.1.1 Ensure auditd is installed - audit | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.1.1 Ensure auditd is installed - audit-libs | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.7 Secure Permissions for the Log Mirror Location (MIRRORLOGPATH) | CIS IBM DB2 12.1 v1.0.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.8 Secure Permissions for the Log Overflow Location (OVERFLOWLOGPATH) | CIS IBM DB2 12.1 v1.0.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.1 Disable Source Routed Packet Acceptance - net.ipv4.conf.default.accept_source_route = 0 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.2.2 Disable ICMP Redirect Acceptance - net.ipv4.conf.default.accept_redirects = 0 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.4.1.1 Disable IPv6 Router Advertisements - net.ipv6.conf.default.accept_ra = 0 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.6.1 Disable DCCP | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.1.1 Configure /etc/syslog.conf - kern | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1 Configure /etc/syslog.conf - syslog | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.1 Configure /etc/syslog.conf - unused | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2 Activate the rsyslog Service - rsyslog | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2 Activate the rsyslog Service - syslog | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3 Configure /etc/rsyslog.conf - daemon /var/log/daemon.log | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.23 Ensure that docker exec commands are not used with the privileged option | CIS Docker v1.8.0 L2 OS Linux | Unix | ACCESS CONTROL |
| 6.3.1.1 Ensure auditd packages are installed | CIS Rocky Linux 9 v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 9.9 Secure plug-in library locations - client | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | |
| 9.9 Secure plug-in library locations - server | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| AZLX-23-000120 - Amazon Linux 2023 must check the GPG signature of software packages originating from external software repositories before installation. | DISA Amazon Linux 2023 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| AZLX-23-002350 - Amazon Linux 2023 system commands must be group-owned by root or a system account. | DISA Amazon Linux 2023 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| AZLX-23-002565 - Amazon Linux 2023 must synchronize internal information system clocks to the authoritative time source at least every 24 hours. | DISA Amazon Linux 2023 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000148 - The operating system must employ automated mechanisms to facilitate the monitoring and control of remote access methods - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
