| 1.1 Ensure the appropriate MongoDB software version/patches are installed | CIS MongoDB Database Audit L1 v1.0.0 | MongoDB | CONFIGURATION MANAGEMENT |
| 1.2.6 Set 'exec-timeout' to less than or equal to 10 minutes for 'line aux 0' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
| 1.2.7 Set 'exec-timeout' to less than or equal to 10 minutes 'line console 0' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
| 1.2.8 Set 'exec-timeout' less than or equal to 10 minutes 'line tty' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
| 1.2.9 Set 'exec-timeout' to less than or equal to 10 minutes 'line vty' | CIS Cisco IOS 15 L1 v4.1.1 | Cisco | ACCESS CONTROL |
| 1.8 Ensure Computer Name Does Not Contain PII or Protected Organizational Information | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
| 1.8 Ensure Computer Name Does Not Contain PII or Protected Organizational Information | CIS Apple macOS 12.0 Monterey v4.0.0 L2 | Unix | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
| 2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Disable/Modify Default Accts - 'SNMP default community strings have been removed' | TNS NetApp Data ONTAP 7G | NetApp | |
| 2.02 Version/Patches - 'Ensure the latest version of Oracle software and patches have been applied' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 2.3.3.11 Ensure Computer Name Does Not Contain PII or Protected Organizational Information | CIS Apple macOS 15.0 Sequoia v1.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.6.1.3 Audit Location Services Access | CIS Apple macOS 14.0 Sonoma v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privileges | CIS MongoDB Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - clusterAdmin | CIS MongoDB Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - dbAdminAnyDatabase | CIS MongoDB Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - dbOwner | CIS MongoDB Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - hostManager | CIS MongoDB Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - readWriteAnyDatabase | CIS MongoDB Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 4.1 Ensure TLS or SSL protects all network communications | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Rebuild the images to include security patches | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
| 5.1 Ensure that system activity is audited | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.3.2.2 Ensure minimum password length is configured | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure minimum password length is configured | CIS Debian Linux 12 v1.1.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure minimum password length is configured | CIS Debian Linux 11 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure minimum password length is configured | CIS Debian Linux 11 v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure minimum password length is configured | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.3 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.6 Ensure that JSONP access via an HTTP interface is disabled | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.7 Ensure that the REST API is disabled | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.7.2 Ensure Multiple External NTP Servers are set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | AUDIT AND ACCOUNTABILITY |
| 7.1 Ensure that key file permissions are set correctly | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.2 Ensure that database file permissions are set correctly | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 12.18 Location of development database - 'Separate server from production database' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 12.32 Distribution of tnsnames.ora files to clients - 'Include only tnsnames.ora when distributing to clients' | CIS v1.1.0 Oracle 11g OS L1 | Unix | |
| 12.32 Distribution of tnsnames.ora files to clients - 'Include only tnsnames.ora when distributing to clients' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| AS24-W1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W1-000550 - The Apache web server must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-004520 - When using command-line tools such as db2, users must use a Connect method that does not expose the password. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | IDENTIFICATION AND AUTHENTICATION |
| EX13-EG-003010 - The applications built-in Malware Agent must be disabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-003010 - The applications built-in Malware Agent must be disabled. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-003010 - The applications built-in Malware Agent must be disabled. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-MB-002880 - The applications built-in Malware Agent must be disabled. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| VCWN-06-000032 - A least-privileges assignment must be used for the Update Manager database user. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
