| 2.1 Ensure Authentication is configured | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB 3.2 L2 Unix Audit v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - clusterAuthMode | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Ensure an industry standard authentication mechanism is used - mode | CIS MongoDB 3.4 L2 Unix Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1 Ensure that Role-based access control (RBAC) is enabled and configured | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 3.1 Ensure that role-based access control is enabled and configured appropriately | CIS MongoDB 3.4 Database Audit L1 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.4 Ensure that each role for each MongoDB database is needed and grants only the necessary privileges | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - clusterAdmin | CIS MongoDB 3.2 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - clusterAdmin | CIS MongoDB 3.4 Database Audit L2 v1.0.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - dbAdminAnyDatabase | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | ACCESS CONTROL |
| 3.6 Review Superuser/Admin Roles - userAdmin | CIS MongoDB 3.6 Database Audit L1 v1.1.0 | MongoDB | ACCESS CONTROL |
| 4.2 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.4 L1 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.4.8 Ensure audit tools are 755 or more restrictive | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.9 Ensure audit tools are owned by root | CIS Ubuntu Linux 20.04 LTS Workstation L2 v2.0.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.10 Ensure audit tools belong to group root | CIS Ubuntu Linux 20.04 LTS Server L2 v2.0.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.10 Ensure audit tools belong to group root | CIS Ubuntu Linux 18.04 LTS v2.2.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.11 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Oracle Linux 8 Workstation L1 v3.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 5.4 Ensure that new entries are appended to the end of the log file | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1.3 Ensure cryptographic mechanisms are used to protect the integrity of audit tools | CIS Debian Linux 11 v2.0.0 L2 Workstation | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.2 L1 Unix Audit v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 7.1 Ensure authentication file permissions are set correctly | CIS MongoDB 3.6 L1 Unix Audit v1.1.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 7.2 Ensure that database file permissions are set correctly | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| ALMA-09-055900 - AlmaLinux OS 9 audit logs must be owned by the root group to prevent unauthorized read access. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| Event Logging is not available or enabled - Event Logging category checks not performed | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - AAA - LDAP server is trusted | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - AAA - TACACS+ server is trusted | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| Fortigate - SNMP v3 auth-priv is not enabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-030650 - RHEL 8 must use cryptographic mechanisms to protect the integrity of audit tools. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| SNMP is not enabled. SNMP specific checks not performed. | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| The device does not appear to support or is not configured for administrative password policy settings. | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - audispd | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - auditctl | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - augenrules | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-16-010550 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools - ausearch | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010306 - The Ubuntu operating system must permit only authorized accounts ownership of the audit log files. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010506 - The Ubuntu operating system must use cryptographic mechanisms to protect the integrity of audit tools. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-651030 - Ubuntu 22.04 LTS must use cryptographic mechanisms to protect the integrity of audit tools. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
