| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 15 v1.2.0 L1 OS Linux Unix | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.1.17 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.18 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.18 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate | CIS Kubernetes 1.11 Benchmark v1.3.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.19 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.19 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate | CIS Kubernetes v1.12.0 L1 Master Node | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.21 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.24 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.9 Ensure the "tmux" package installed | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 3.1.13 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.13 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.2 Authentication and Verification of ISIS Routing Protocols - authentication | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 3.2 Authentication and Verification of ISIS Routing Protocols - authentication-type hmac-md5 | Tenable ZTE ROSNG | ZTE_ROSNG | IDENTIFICATION AND AUTHENTICATION |
| 5.4.3.11 Ensure the operating system prevents users from disabling the tmux terminal multiplexer | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes - difok | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes - maxclassrepeat | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes - maxrepeat | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes - minclass | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes - minlen | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 12.1 Ensure the AppArmor Framework Is Enabled | CIS Apache HTTP Server 2.4 v2.3.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.17.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.17.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.17.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.17.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.17.1 (L1) Ensure 'Download Mode' is NOT set to 'Enabled: Internet' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.17.1 Ensure 'Download Mode' is NOT set to 'Enabled: Internet' | CIS Microsoft Windows 11 Enterprise v5.0.1 L1 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| GEN003540 - The system must implement non-executable program stacks - 'kernel.exec-shield' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN003540 - The system must implement non-executable program stacks - 'kernel.randomize_va_space' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000079 - The system must limit the ability of processes to have simultaneous write and execute access to memory. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OS10-RTR-000810 - The Dell OS10 multicast Designated Router (DR) must be configured to filter the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Report messages to allow hosts to join a multicast group only from sources that have been approved by the organization. | DISA Dell OS10 Switch Router STIG v1r1 | Dell_OS10 | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000228 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-07-010063 - The Red Hat Enterprise Linux operating system must disable the login screen user list for graphical user interfaces. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010343 - The Red Hat Enterprise Linux operating system must require re-authentication when using the 'sudo' command - sudo command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010344 - The Red Hat Enterprise Linux operating system must not be configured to bypass password requirements for privilege escalation. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010350 - The Red Hat Enterprise Linux operating system must be configured so that users must re-authenticate for privilege escalation. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-020021 - The Red Hat Enterprise Linux operating system must confine SELinux users to roles that conform to least privilege. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020023 - The Red Hat Enterprise Linux operating system must elevate the SELinux context when an administrator calls the sudo command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-021330 - The Red Hat Enterprise Linux operating system must use a separate file system for the system audit data path. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-030370 - The Red Hat Enterprise Linux operating system must audit all uses of the chown, fchown, fchownat, and lchown syscalls. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-040300 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems have SSH installed. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040400 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-040460 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon uses privilege separation. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040600 - For Red Hat Enterprise Linux operating systems using DNS resolution, at least two name servers must be configured. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040610 - The Red Hat Enterprise Linux operating system must not forward Internet Protocol version 4 (IPv4) source-routed packets. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040711 - The Red Hat Enterprise Linux operating system SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040740 - The Red Hat Enterprise Linux operating system must not be performing packet forwarding unless the system is a router. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-041010 - The Red Hat Enterprise Linux operating system must be configured so that all wireless network adapters are disabled. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-020250 - RHEL 8 must implement smart card logon for multifactor authentication for access to interactive accounts. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-213110 - RHEL 9 must implement nonexecutable data to protect its memory from unauthorized code execution. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-701190 - RHEL 10 must implement nonexecutable data to protect its memory from unauthorized code execution. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
