| 1.7 Log Auditing | Tenable ZTE ROSNG | ZTE_ROSNG | AUDIT AND ACCOUNTABILITY |
| 2.5 Enable SSL for Network File copy (NFC) | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.8 Ensure the Lock File Is Secured - 'LockFile permissions' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 4.1.3 Ensure network interface zone is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.4.1 Ensure Audit logs are owned by root and mode 0600 or less permissive | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 4.2.1.5 Ensure rsyslog is configured to send logs to a remote log host | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 4.2.1.6 Ensure remote rsyslog messages are only accepted on designated log hosts. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.2.4 Ensure users must provide password for escalation | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.5 Ensure users must re-authenticate for privilege escalation | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.8 Ensure users password required for privilege escalation when using sudo | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 5.3.17 Ensure only strong MAC algorithms are used | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 5.3.27 Ensure Printlastlog is enabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.3.32 Ensure SSH performs checks of home directory configuration files | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.4.2.1.4 Ensure password failed attempts lockout includes root account | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | ACCESS CONTROL |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.8 Ensure date and time of last successful logon | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.4.13 Ensure lockout for unsuccessful root logon attempts | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 5.5.1.6 Ensure shadow file is configured to use only encrypted representations of passwords | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1.10 Ensure no world writable files exist | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.1.12 Ensure no ungrouped files or directories exist | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 6.1.16 Ensure all world-writable directorys are owned by root, sys, bin, or an application User Identifier | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.2.1.4 Ensure auditd service is enabled and active | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.15 Ensure successful and unsuccessful attempts to use the chcon command are collected | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.16 Ensure successful and unsuccessful attempts to use the setfacl command are collected | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 6.2.3.21 Ensure the audit configuration is immutable | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.22 Ensure the running and on disk configuration is the same | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.4.7 Ensure audit configuration files group owner is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.19 Ensure all local interactive user home directories are group-owned | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.2.24 Ensure local interactive users' dot files are group-owned by the users group or root. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.2.25 Ensure users' dot files have 0740 or less set. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.4 Zero out VMDK files prior to deletion | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.1.2 Ensure only one remote console connection is permitted to a VM at any time | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.1 Disconnect unauthorized devices - Floppy Devices | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | MEDIA PROTECTION |
| 8.2.2 Ensure unnecessary CD/DVD devices are disconnected | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.2.5 Disconnect unauthorized devices - USB Devices | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | MEDIA PROTECTION |
| 8.4.26 Ensure all but VGA mode on virtual machines is disabled | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.29 Ensure all but VGA mode on virtual machines is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.5.1 Ensure VM limits are configured correctly - Mem Share Level | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.5.1 Ensure VM limits are configured correctly - Num Mem Shares | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.5.1 Ensure VM limits are configured correctly - Num Mem Shares | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.5.2 Ensure hardware-based 3D acceleration is disabled | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.3 Ensure host information is not sent to guests | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.7.3 Ensure host information is not sent to guests | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| Big Sur - Configure System to Audit All Administrative Action Events | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Catalina - Configure System to Audit All Administrative Action Events | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| DTOO240 - Outlook - The ability to display level 1 attachments must be disallowed. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| Monterey - Configure System to Audit All Administrative Action Events | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
