| 4.1.2.3 Ensure audit system is set to single when the disk is full. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.20 Ensure the audit configuration is immutable | CIS CentOS Linux 8 Server L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.3.41 Ensure the audit configuration is immutable | CIS Amazon Linux 2 STIG v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.3.41 Ensure the audit configuration is immutable | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.17 Ensure the audit configuration is immutable | CIS Red Hat 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure the audit configuration is immutable | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure the audit configuration is immutable | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure the audit configuration is immutable | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure the audit configuration is immutable | CIS SUSE Linux Enterprise 12 v3.2.1 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Amazon Linux 2023 Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Oracle Linux 7 v4.0.0 L2 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Debian 10 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Oracle Linux 8 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.2.3.20 Ensure the audit configuration is immutable | CIS Debian Linux 12 v1.1.0 L2 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.2.3.20 Ensure the audit configuration is immutable | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.3.3.20 Ensure the audit configuration is immutable | CIS Ubuntu Linux 22.04 LTS v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.3.3.20 Ensure the audit configuration is immutable | CIS Oracle Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.3.3.20 Ensure the audit configuration is immutable | CIS SUSE Linux Enterprise 15 v2.0.1 L2 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.3.3.20 Ensure the audit configuration is immutable | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.3.3.20 Ensure the audit configuration is immutable | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.3.3.20 Ensure the audit configuration is immutable | CIS Rocky Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.3.3.20 Ensure the audit configuration is immutable | CIS Rocky Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| F5BI-DM-000075 - The BIG-IP appliance must be configured to protect audit information from unauthorized modification. | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000130 - The FortiGate device must protect audit information from unauthorized deletion. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000190 - The Juniper EX switch must be configured to protect audit information from unauthorized modification. | DISA Juniper EX Series Network Device Management v2r3 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-000380 - The Juniper router must be configured to protect audit information from unauthorized modification. | DISA STIG Juniper Router NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUNI-ND-000390 - The Juniper router must be configured to protect audit information from unauthorized deletion. | DISA STIG Juniper Router NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| MADB-10-002100 - The audit information produced by MariaDB must be protected from unauthorized modification. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MD3X-00-000190 - The audit information produced by MongoDB must be protected from unauthorized read access. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | AUDIT AND ACCOUNTABILITY |
| MD3X-00-000220 - MongoDB must protect its audit features from unauthorized access. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | AUDIT AND ACCOUNTABILITY |
| MD7X-00-002000 The audit information produced by MongoDB must be protected from unauthorized access. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| MYS8-00-001400 - The audit information produced by the MySQL Database Server 8.0 must be protected from unauthorized deletion. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | AUDIT AND ACCOUNTABILITY |
| O121-C2-009500 - The system must protect audit information from unauthorized deletion. | DISA STIG Oracle 12c v3r2 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| Prevent users and apps from accessing dangerous websites | MSCT Windows Server 1903 DC v1.19.9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Prevent users and apps from accessing dangerous websites | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Prevent users and apps from accessing dangerous websites | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Prevent users and apps from accessing dangerous websites | MSCT Windows 10 v21H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Prevent users and apps from accessing dangerous websites | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Prevent users and apps from accessing dangerous websites | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-653025 - RHEL 9 audit system must take appropriate action when the audit storage volume is full. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653055 - RHEL 9 audit system must take appropriate action when the audit files have reached maximum size. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013800 - SQL Server must protect audit information from unauthorized deletion. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY |
| SQL2-00-014400 - SQL Server must protect the audit records generated as a result of remote access to privileged accounts and by the execution of privileged functions. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| UBTU-20-010133 - The Ubuntu operating system must be configured so that audit configuration files are not write-accessible by unauthorized users. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
