| 5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly - local UNIX Domain Socket is configured correctly | CIS PostgreSQL 12 OS v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| ALMA-09-052270 - AlmaLinux OS 9 must label all offloaded audit logs before sending them to the central log server. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| AOSX-14-001017 - The macOS system must be configured with audit log folders set to mode 700 or less permissive. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001022 - The macOS system must be configured to audit all failed read actions on the system. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| DTOO110 - Blocking as default file block opening behavior must be enforced. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - The Internet Explorer Bind to Object functionality must be enabled. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Word 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| DTOO132 - File Downloads must be configured for proper restrictions in PowerPoint. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO139 - The Save commands default file format must be configured. | DISA STIG Microsoft Word 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| DTOO142 - Force encrypted macros to be scanned in open XML documents must be determined and configured. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO146 - Trust access for VBA must be disallowed. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| DTOO209 - Protection from zone elevation must be enforced in PowerPoint. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - ActiveX Installs must be configured for proper restriction. | DISA STIG Microsoft Access 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO288 - Files in unsafe locations must be opened in Protected View. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO291 - Automatic download of linked images must be disallowed. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO292 - Document behavior if file validation fails must be set. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO304 - Warning Bar settings for VBA macros must be configured. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| DTOO336 - Word 6.0 binary documents and templates must be configured for block open/save actions. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO339 - Word XP binary documents and templates must be configured to edit in protected view. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO507 - File Links that invoke instances of Internet Explorer from within an Office product must be blocked in PowerPoint Viewer. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO508 - File Downloads must be configured for proper restrictions in PowerPoint Viewer. | DISA STIG Microsoft PowerPoint 2013 v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO999-Word13 - The version of Microsoft Word running on the system must be a supported version. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000279 - The system package management tool must verify ownership on all files and directories associated with the audit package. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000280 - The system package management tool must verify group-ownership on all files and directories associated with the audit package. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000281 - The system package management tool must verify contents of all files associated with the audit package. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL08-00-030170 - OL 8 must generate audit records for all account creation events that affect "/etc/group". | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030630 - OL 8 audit tools must be owned by root. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000279 - The system package management tool must verify ownership on all files and directories associated with the audit package. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000280 - The system package management tool must verify group-ownership on all files and directories associated with the audit package. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030170 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030171 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-020650 - The SUSE operating system must generate audit records for all modifications to the tallylog file must generate an audit record. | DISA SLES 12 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020300 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020400 - Successful/unsuccessful uses of the ssh-agent command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020460 - The audit system must be configured to audit any usage of the setxattr system call - root b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020530 - Successful/unsuccessful uses of the fchown command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020560 - Successful/unsuccessful uses of the chmod command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020590 - Successful/unsuccessful uses of the open command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020610 - Successful/unsuccessful uses of the ftruncate command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020630 - Successful/unsuccessful uses of the openat command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020640 - Successful/unsuccessful uses of the open_by_handle_at command must generate an audit record - EACCES b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020710 - Successful/unsuccessful uses of the setfacl command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020790 - Successful/unsuccessful uses of the chage command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020800 - Successful/unsuccessful uses of the usermod command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020830 - Successful/unsuccessful uses of the init_module command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| WN16-AU-000320 - Windows Server 2016 must be configured to audit Policy Change - Audit Policy Change failures. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000260 - Windows Server 2022 must be configured to audit Policy Change - Audit Policy Change successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000270 - Windows Server 2022 must be configured to audit Policy Change - Audit Policy Change failures. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
