| 2.3 Establish a Secure Baseline - Make sure that network/nfs/status:default is disabled (netservices limited) | CIS Solaris 10 L1 v5.2 | Unix | |
| 2.3 Establish a Secure Baseline - Make sure that network/rpc/cde-ttdbserver:tcp is only limited to local connections | CIS Solaris 10 L1 v5.2 | Unix | |
| 2.3 Establish a Secure Baseline - Make sure that network/rpc/metamh:default is disabled (netservices limited) | CIS Solaris 10 L1 v5.2 | Unix | |
| 2.5 Disable NIS Client Services - domain | CIS Solaris 11.1 L1 v1.0.0 | Unix | |
| 2.9 Disable automount Service | CIS Solaris 11.1 L1 v1.0.0 | Unix | |
| 3.1 Restrict Core Dumps to Protected Directory - global core dump logging = enabled | CIS Solaris 11.1 L1 v1.0.0 | Unix | ACCESS CONTROL |
| 3.1.1 Modify Network Parameters | CIS Solaris 10 L1 v5.2 | Unix | |
| 3.1.9 Disable Response to Multicast Echo Request - Check ip6_respond_to_echo_multicast value. Expected value: 0. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.12 Set Strict Multihoming - Check ip_strict_dst_multihoming value. Expected value: 1. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.13 Disable ICMPv4 Redirect Messages - Check ip_send_redirects value. Expected value: 0. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Restrict Core Dumps to Protected Directory - Check if COREADM_PROC_SETID_ENABLED is set to no | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 3.5 Disable Network Routing - Make sure that ipv6-forwarding is disabled | CIS Solaris 10 L1 v5.2 | Unix | |
| 3.11 Ignore ICMP Redirect Messages - current ipv6 = 1 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.11 Ignore ICMP Redirect Messages - persistent ipv6 = 1 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.13 Disable ICMP Redirect Messages - persistent ipv4 = 0 | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.17 Disable Network Routing - ipv6-forwarding current = disabled | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.17 Disable Network Routing - ipv6-forwarding persistent = disabled | CIS Solaris 11.1 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1 Enable inetd Connection Logging - Make sure that tcp_trace is set to true | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Set daemon umask - Check if CMASK is set to 022 in /etc/default/init. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 5.2 Restrict Set-UID on User Mounted Devices - Check if nosuid option is set in /etc/rmmount.conf. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.1.2 Set SSH Protocol to 2 - Check if Protocol is set to 2 and not commented for client. | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1.3 Disable SSH X11 Forwarding - Check if X11Forwarding is set to no and not commented for the server. | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.4 Set SSH MaxAuth Tries to 3 - Check if MaxAuthTries is set to 3 or lower and not commented for the server. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.1.7 Set SSH RhostsAuthentication to no - Check if RhostsAuthentication is set to no and not commented for the server. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.7 Set Default Screen Lock for CDE Users - CDE package was not found | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.9 Restrict at/cron To Authorized Users - should pass if /etc/cron.d/at.deny does not exist. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.11 Set Retry Limit for Account Lockout - Check if 'RETRIES' in /etc/default/login is set to 3. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 6.13 Secure the GRUB Menu - Check if 'password' is set in /boot/grub/menu.lst. Note: This check only checks if password is set | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 7.1 Disable System Accounts - Ensure account 'adm' disallows password login | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - Ensure account 'postgres' disallows password login. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - Ensure account 'smmsp' is locked. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - should pass if the default shell for 'gdm' is set to /usr/bin/false. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.1 Disable System Accounts - should pass if the default shell for 'nobody' is set to /usr/bin/false. | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.4 Set Default Group for root Account | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.5 Change Home Directory for root Account | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 7.5 Change Home Directory for root Account - Check /root permissions. | CIS Solaris 10 L1 v5.2 | Unix | |
| 7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_ALGORITHMS_ALLOW' | CIS Solaris 10 L2 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.3 Ensure Password Fields are Not Empty - Verify no accounts are returned by 'logins -p' | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.6 Ensure root PATH Integrity, No Group/World-Writable Directory In root's $PATH | CIS Solaris 10 L1 v5.2 | Unix | ACCESS CONTROL |
| 9.7 Check Permissions on User Home Directories - Should Be Mode 750 or More Restrictive | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 9.12 Check That Users Are Assigned Home Directories | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 9.14 Check User Home Directory Ownership | CIS Solaris 10 L1 v5.2 | Unix | CONFIGURATION MANAGEMENT |
| 9.15 Check for Duplicate UIDs | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.20 Check for presence of user .netrc files - Checks for the presence of .netrc files in home directories. | CIS Solaris 10 L1 v5.2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 10.3 Restrict access to power management functions - PMCHANGEPERM | CIS Solaris 10 L2 v5.2 | Unix | ACCESS CONTROL |
| 10.4 Restrict access to sys-suspend feature | CIS Solaris 10 L2 v5.2 | Unix | ACCESS CONTROL |
| 10.5 Create symlinks for dangerous files - /etc/hosts.equiv | CIS Solaris 10 L2 v5.2 | Unix | |
| 10.6 Remove Support for Internet Services (inetd) | CIS Solaris 10 L2 v5.2 | Unix | |
| 11.2 Samba: Set Secure Permissions on smb.conf File | CIS Solaris 10 L2 v5.2 | Unix | |
| 11.6 Samba: Set Secure smb.conf File Options - group | CIS Solaris 10 L2 v5.2 | Unix | |
