| 1.1.1.3 Ensure hfs kernel module is not available | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.4 Ensure hfsplus kernel module is not available | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.1.2 Ensure nodev option set on /tmp partition | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.2.1 Ensure /dev/shm is a separate partition | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.5.2 Ensure nodev option set on /var/tmp partition | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.6.2 Ensure nodev option set on /var/log partition | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.7.3 Ensure nosuid option set on /var/log/audit partition | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.2.1.2 Ensure gpgcheck is globally activated | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.1.4 Ensure package manager repositories are configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3.1.2 Ensure SELinux is not disabled in bootloader configuration | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.3.1.4 Ensure the SELinux mode is not disabled | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.4.2 Ensure access to bootloader config is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.5.4 Ensure core dump storage is disabled | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.6.5 Ensure system wide crypto policy disables cbc for ssh | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.8.9 Ensure GDM autorun-never is not overridden | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | MEDIA PROTECTION |
| 2.1.3 Ensure dhcp server services are not in use | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.3 Ensure nis client is not installed | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.4.1.6 Ensure permissions on /etc/cron.monthly are configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.2 Ensure wireless interfaces are disabled | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.5 Ensure icmp redirects are not accepted | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.10 Ensure tcp syn cookies is enabled | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 3.3.11 Ensure ipv6 router advertisements are not accepted | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 4.2.2 Ensure firewalld loopback traffic is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.1 Ensure nftables base chains exist | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3.3 Ensure nftables default deny firewall policy | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.12 Ensure sshd HostbasedAuthentication is disabled | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 5.1.15 Ensure sshd LogLevel is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1 Ensure sudo is installed | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL |
| 5.3.1.3 Ensure latest version of libpwquality is installed | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.3.2.1 Ensure active authselect profile includes pam modules | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, RISK ASSESSMENT |
| 5.3.2.3 Ensure pam_pwquality module is enabled | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure password length is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.3 Ensure password complexity is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.4.2 Ensure pam_unix does not include remember | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.4.3 Ensure pam_unix includes a strong password hashing algorithm | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4.1.6 Ensure all users last password change date is in the past | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.2.4 Ensure root account access is controlled | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.1.1 Ensure auditd packages are installed | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.1.3 Ensure audit_backlog_limit is sufficient | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.1.4 Ensure auditd service is enabled and active | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.3 Ensure events that modify the sudo log file are collected | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.5 Ensure events that modify the system's network environment are collected | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.11 Ensure session initiation information is collected | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.14 Ensure events that modify the system's Mandatory Access Controls are collected | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.3.17 Ensure successful and unsuccessful attempts to use the chacl command are collected | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.4.1 Ensure the audit log file directory mode is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.5 Ensure audit configuration files mode is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.8 Ensure audit tools mode is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.9 Ensure audit tools owner is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.10 Ensure audit tools group owner is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
