| 1.21 WN22-00-000210 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.120 WN22-CC-000270 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.142 WN22-CC-000490 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | MAINTENANCE |
| 1.179 WN22-DC-000340 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.186 WN22-DC-000405 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.187 WN22-DC-000406 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | ACCESS CONTROL |
| 1.208 WN22-SO-000010 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.210 WN22-SO-000030 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.212 WN22-SO-000050 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | AUDIT AND ACCOUNTABILITY |
| 1.235 WN22-SO-000280 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.236 WN22-SO-000290 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.243 WN22-SO-000360 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.249 WN22-SO-000420 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2.2.13 Ensure the the operating system authenticates the remote logging server for off-loading audit logs | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.2.15 Ensure the audit system off-loads audit records onto a different system or media from the system being audited | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.3 Ensure system is disabled when audit logs are full | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| JUEX-RT-000240 - The Juniper router must be configured to produce audit records containing information to establish where the events occurred. | DISA Juniper EX Series Router v2r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-RT-000290 - The Juniper router must be configured to use encryption for routing protocol authentication. | DISA Juniper EX Series Router v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-RT-000410 - The Juniper perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000420 - The Juniper perimeter router must be configured to filter egress traffic at the internal interface on an inbound direction. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000570 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to authenticate all received MSDP packets. | DISA Juniper EX Series Router v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-RT-000600 - The Juniper router must be configured to have Gratuitous ARP disabled on all external interfaces. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000630 - The Juniper router must be configured to have Internet Control Message Protocol (ICMP) mask replies disabled on all external interfaces. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000770 - The Juniper perimeter router must be configured to block all outbound management traffic. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000940 - The Juniper PE router must be configured to have each VRF with the appropriate Route Distinguisher (RD). | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-001010 - The Juniper perimeter router must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| O19C-00-000200 - Oracle Database must protect against or limit the effects of organization-defined types of denial-of-service (DoS) attacks. | DISA Oracle Database 19c STIG v1r5 Unix | Unix | ACCESS CONTROL |
| O19C-00-001900 - Oracle Database must allow designated organizational personnel to select which auditable events are to be audited by the database. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | AUDIT AND ACCOUNTABILITY |
| O19C-00-009000 - The Oracle WITH GRANT OPTION privilege must be limited when granted to nondatabase administrator (DBA) or nonapplication administrator user accounts. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-009200 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-009400 - The Oracle password file ownership and permissions should be limited and the REMOTE_LOGIN_PASSWORDFILE parameter must be set to EXCLUSIVE or NONE. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-009600 - System Privileges must not be granted to PUBLIC. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-010600 - Oracle Database production application and data directories must be protected from developers on shared production/development database management system (DBMS) host systems. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-010800 - The Oracle Database data files, transaction logs and audit files must be stored in dedicated directories or disk partitions separate from software or other application files. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-011500 - The /diag subdirectory under the directory assigned to the DIAGNOSTIC_DEST parameter must be protected from unauthorized access. | DISA Oracle Database 19c STIG v1r5 Windows | Windows | CONFIGURATION MANAGEMENT |
| O19C-00-012400 - Oracle Database must set the maximum number of consecutive invalid logon attempts to three. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-012900 - Oracle Database default demonstration and sample databases, database objects, and applications must be removed. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-013400 - Access to external executables must be disabled or restricted. | DISA Oracle Database 19c STIG v1r5 Unix | Unix | CONFIGURATION MANAGEMENT |
| O19C-00-013400 - Access to external executables must be disabled or restricted. | DISA Oracle Database 19c STIG v1r5 Windows | Windows | CONFIGURATION MANAGEMENT |
| O19C-00-013700 - Oracle Database must ensure users are authenticated with an individual authenticator prior to using a shared authenticator. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-016700 - Oracle Database must preserve any organization-defined system state information in the event of a system failure. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O19C-00-017400 - Oracle Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLD-22-000600 - SQL Server must protect against a user falsely repudiating by ensuring databases are not in a trust relationship. | DISA Microsoft SQL Server 2022 Database STIG v1r3 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQLD-22-001800 - The certificate used for encryption must be backed up and stored in a secure location that is not on the SQL Server. | DISA Microsoft SQL Server 2022 Database STIG v1r3 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLD-22-002000 - Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data transfer policy. | DISA Microsoft SQL Server 2022 Database STIG v1r3 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLD-22-002100 - SQL Server must check the validity of all data inputs except those specifically identified by the organization. | DISA Microsoft SQL Server 2022 Database STIG v1r3 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQLI-22-003600 - SQL Server must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | ACCESS CONTROL |
| SQLI-22-012400 - SQL Server services must be configured to run under unique dedicated user accounts. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLI-22-014800 - SQL Server must generate audit records when successful and unsuccessful logons or connection attempts occur. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQLI-22-016300 - The SQL Server default account [sa] must have its name changed. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | CONFIGURATION MANAGEMENT |
