| 5.4 Ensure 'SQL Server Audit' is set to capture both 'failed' and 'successful logins' | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002017 - AIX must be configured so that the audit system takes appropriate action when the audit storage volume is full. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| Allow Windows Ink Workspace | MSCT Windows 10 v2004 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow Windows Ink Workspace | MSCT Windows 11 v24H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow Windows Ink Workspace | MSCT Windows 11 v23H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Big Sur - Audit Record Reduction and Report Generation - reduction | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | AUDIT AND ACCOUNTABILITY |
| Catalina - Audit Record Reduction and Report Generation - reduction | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | AUDIT AND ACCOUNTABILITY |
| Ensure 'console session timeout' is set to organizational policy | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | ACCESS CONTROL |
| Ensure 'Failover' is enabled | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND INFORMATION INTEGRITY |
| Ensure 'Image Authenticity' is correct | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND INFORMATION INTEGRITY |
| Ensure 'Image Integrity' is correct | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND INFORMATION INTEGRITY |
| Ensure 'logging buffer size' is greater than or equal to '524288' bytes (512kb) | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'logging trap severity ' is greater than or equal to '5' | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'OSPF authentication' is enabled | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | IDENTIFICATION AND AUTHENTICATION |
| Ensure 'Password Policy' is enabled - minimum-length | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | IDENTIFICATION AND AUTHENTICATION |
| Ensure 'SNMP traps' is enabled - authentication | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | AUDIT AND ACCOUNTABILITY |
| Ensure 'SSH source restriction' is set to an authorized IP address | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure intrusion prevention is enabled for untrusted interfaces | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND INFORMATION INTEGRITY |
| Ensure known default accounts do not exist - cmd_exec | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | ACCESS CONTROL |
| GEN002750 - The audit system must be configured to audit account creation - '/etc/security/audit/events USER_Create exists' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002750 - The audit system must be configured to audit account creation - '/etc/security/audit/events USER_Create exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| SOL-11.1-010060 - The audit system must support an audit reduction capability. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010060 - The audit system must support an audit reduction capability. | DISA STIG Solaris 11 X86 v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036500 - SQL Server must generate Trace or Audit records when unsuccessful attempts to modify locally-defined security objects occur - SCHEMA_OBJECT_CHANGE... | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 85 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created - Event ID 91 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036600 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is created. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036650 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified - Event ID 85 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036650 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is modified - Event ID 91 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 84 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 87 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur - Event ID 162 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036800 - Trace or Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-036850 - Trace or Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur - Event ID 86 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037100 - SQL Server must generate Trace or Audit records when locally-defined security objects are dropped - SCHEMA_OBJECT_CHANGE_GROUP | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 88 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037300 - Trace or Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted - Event ID 90 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-037400 - Trace or Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 87 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 88 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038100 - SQL Server must generate Trace or Audit records when successful accesses to designated objects occur - Event ID 89 | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL6-D0-001200 - SQL Server must limit privileges to change software modules, to include stored procedures, functions, and triggers, and links to software external to SQL Server. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL6-D0-001600 - The Database Master Key encryption password must meet DOD password complexity requirements. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-003000 - SQL Server must prohibit user installation of logic modules (stored procedures, functions, triggers, views, etc.) without explicit privileged status. | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL6-D0-003100 - SQL Server must enforce access restrictions associated with changes to the configuration of the database(s). | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| Windows Device Configuration - Camera | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Windows Device Configuration - Geolocation | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Windows Device Configuration - NFC | Tenable Best Practices for Microsoft Intune Windows v1.0 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN12-SO-000049 - The system must generate an audit event when the audit log reaches a percentage of full threshold. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | AUDIT AND ACCOUNTABILITY |
