| 1.1.2.4.1 Ensure separate partition exists for /var | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.6 Ensure separate partition exists for /var | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.11 Ensure separate partition exists for /var/log | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.12 Ensure separate partition exists for /var/log/audit | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.19 Disable Automounting | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Ensure 'forms authentication' is set to use cookies | CIS IIS 8.0 v1.5.1 Level 2 | Windows | CONFIGURATION MANAGEMENT |
| 3.2.4 Ensure sctp kernel module is not available | CIS Amazon Linux 2 v3.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 3.5 Ensure ASP.NET stack tracing is not enabled | CIS IIS 8.0 v1.5.1 Level 2 | Windows | CONFIGURATION MANAGEMENT |
| 4.1 Ensure 'maxAllowedContentLength' is configured | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.1.1.2 Ensure system is disabled when audit logs are full - email | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2 Ensure auditd service is enabled | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - adjtimex (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.4 Ensure events that modify date and time information are collected - auditctl adjtimex | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.5 Ensure events that modify user/group information are collected | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.5 Ensure events that modify user/group information are collected - /etc/shadow | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/gshadow | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/passwd | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.5 Ensure events that modify user/group information are collected - auditctl /etc/shadow | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.6 Ensure events that modify the system's network environment are collected - /etc/hosts | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's network environment are collected - auditctl sethostname (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's network environment are collected - auditctl sethostname (64-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.7 Ensure events that modify the system's Mandatory Access Controls are collected - /usr/share/selinux | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure session initiation information is collected - /var/log/wtmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chown/fchown/fchownat (64-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.10 Ensure discretionary access control permission modification events are collected - chmod/fchmod/fchmodat (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.10 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr (64-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (64-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.13 Ensure successful file system mounts are collected - auditctl (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl modprobe | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - auditctl rmmod | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - init_module/delete_module (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - init_module/delete_module (64-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - modprobe | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Ensure non-ASCII characters in URLs are not allowed | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.3.2 Ensure actions as another user are always logged | CIS Amazon Linux 2 v3.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.5 Ensure events that modify the system's network environment are collected | CIS Amazon Linux 2 v3.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are recorded | CIS Amazon Linux 2 v3.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.18 Ensure successful and unsuccessful attempts to use the usermod command are recorded | CIS Amazon Linux 2 v3.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.19 Ensure kernel module loading unloading and modification is collected | CIS Amazon Linux 2 v3.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.4.2 Ensure audit log files are mode 0640 or less permissive | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.4 Ensure only authorized groups are assigned ownership of audit log files | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.5 Ensure audit configuration files are 640 or more restrictive | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.6 Ensure audit configuration files are owned by root | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.14 Audit system file permissions | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000690 - The Juniper PE router must be configured to implement Protocol Independent Multicast (PIM) snooping for each Virtual Private LAN Services (VPLS) bridge domain. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Number of changes allowed within the change interval (changes) | Tenable Cisco ACI | Cisco_ACI | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000259 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
