| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB 3.2 Database Audit L1 v1.0.0 | MongoDB | CONFIGURATION MANAGEMENT |
| 2.2.36 (L1) Ensure 'Lock pages in memory' is set to 'No One' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.36 (L1) Ensure 'Lock pages in memory' is set to 'No One' | CIS Microsoft Windows Server 2019 v4.0.0 L1 MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.47 Ensure 'Lock pages in memory' is set to 'No One' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.47 Ensure 'Lock pages in memory' is set to 'No One' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.48 Ensure 'Lock pages in memory' is set to 'No One' | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.48 Ensure 'Lock pages in memory' is set to 'No One' | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure 'FAILED_LOGIN_ATTEMPTS' Is Less than or Equal to '5' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 3.1 Ensure that Role-based access control (RBAC) is enabled and configured | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure that role-based access control is enabled and configured appropriately | CIS MongoDB 3.4 Database Audit L1 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater than or Equal to '1' | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 3.2 Ensure 'PASSWORD_LOCK_TIME' Is Greater Than Or Equal To '1' | CIS Oracle Database 23ai v1.0.0 L1 RDBMS | OracleDB | ACCESS CONTROL |
| 3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privileges | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL |
| 3.6 Ensure 'PASSWORD_GRACE_TIME' Is Less than or Equal to '5' | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - clusterAdmin | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - clusterAdmin | CIS MongoDB 3.4 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - dbAdminAnyDatabase | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - userAdmin | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | ACCESS CONTROL |
| 3.8 Ensure 'SESSIONS_PER_USER' Is Less than or Equal to '10' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 3.9 Ensure 'INACTIVE_ACCOUNT_TIME' Is Less than or Equal to '120' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 6.2.6 Ensure the 'DROP ROLE' Action Audit Is Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.25 Ensure the 'ALTER TRIGGER' Action Audit IS Enabled | CIS Oracle Server 18c DB Unified Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.25 Ensure the 'ALTER TRIGGER' Action Audit IS Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 20.48 Ensure 'Permissions for the Application Event Log must prevent access by non-privileged accounts' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| O19C-00-006600 - The audit information produced by the Oracle Database must be protected from unauthorized access, modification, or deletion. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| O19C-00-006900 - The system must protect audit tools from unauthorized access, modification, or deletion. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| O19C-00-008200 - Database objects must be owned by accounts authorized for ownership. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-009200 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-012200 - Oracle Database must be protected from unauthorized access by developers on shared production/development host systems. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-013200 - OS accounts used to run external procedures called by Oracle Database must have limited privileges. | DISA Oracle Database 19c STIG v1r1 Unix | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-015300 - Oracle Database must map the authenticated identity to the user account using public key infrastructure (PKI)-based authentication. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015400 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative logon method that does not expose the password. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-016000 - Oracle Database must implement NIST FIPS 140-2/140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owner's requirements. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-017600 - Access to Oracle Database files must be limited to relevant processes and to authorized, administrative users. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-017900 - Oracle Database must check the validity of data inputs. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| O19C-00-018600 - Oracle Database software must be evaluated and patched against newly found vulnerabilities. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| O19C-00-019800 - Oracle Database must, for password-based authentication, verify that when users create or update passwords, the passwords are not found on the list of commonly used, expected, or compromised passwords in IA-5 (1) (a). | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-030700 - The Oracle Linux operating system must audit all uses of the sudoers file and all files in the /etc/sudoers.d/ directory. | DISA Oracle Linux 7 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-020260 - The SUSE operating system must generate audit records for all uses of the sudo command. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| TCAT-AS-000700 - DOD root CA certificates must be installed in Tomcat trust store. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WDNS-AU-000005 - The Windows 2012 DNS Server log must be enabled. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY |
| WG205 W22 - The web document (home) directory must be in a separate partition from the web server's system files. - 'ErrorLog' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | AUDIT AND ACCOUNTABILITY |
