| 1.1.2.6.1 Ensure separate partition exists for /var/log | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 1.4 Ensure the default value of individual salt per vm is configured | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.4.1.5 Ensure the SELinux mode is enforcing | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.8.8 Ensure overriding the screensaver lock-delay setting is prevented | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.8.15 Ensure graphical user interface automounter is disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.2.20 Ensure the rsh package has been removed | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.22 Ensure TFTP daemon is configured to operate in secure mode | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.23 Ensure default SNMP community strings don't exist | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.25 Ensure unrestricted mail relaying is prevented | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 3.1.2 Ensure wireless interfaces are disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.1 Ensure IP forwarding is disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure packet redirect sending is disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 3.5.3.2.3 Ensure iptables rules exist for all open ports | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 4.1.3.13 Ensure login and logout events are collected | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.19 Ensure audit all uses of the chsh command. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.22 Ensure audit of postqueue command. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.25 Ensure audit of kmod command | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.28 Ensure audit unlinkat syscall | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.31 Ensure audit of the create_module syscall | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3.39 Ensure audit of setfiles command | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.4 Ensure firewalld active zone target is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.8 Configure firewall to drop all traffic | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.1.4 Ensure logging is configured | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.2.7 Ensure sudo authentication timeout is configured | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.8 Ensure sshd DisableForwarding is enabled | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT |
| 5.2.9 Ensure sshd GSSAPIAuthentication is disabled | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 5.3.2 Ensure SSH is running | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.11 Ensure SSH HostbasedAuthentication is disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.3.35 Ensure SSH X11UseLocalhost is enabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.4.11 Ensure password prohibited reuse is at a minimum 5 | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.2 Ensure minimum days between password changes is configured | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.5.10 Ensure upon user creation a home directory is assigned. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.7 Set a timeout for Shell Services | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | ACCESS CONTROL |
| 5.11 Ensure contents of exposed configuration files have not been modified | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 6.2.1.1 Ensure auditd packages are installed | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 6.2.3.3 Ensure events that modify the sudo log file are collected | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3.10 Ensure successful file system mounts are collected | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.4.4 Ensure audit log files group owner is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.4.8 Ensure audit tools mode is configured | CIS Amazon Linux 2 v4.0.0 L2 Server | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 6.2.21 Ensure local interactive user is a member of the group owner. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.2.26 Ensure local interactive users' dot files executable paths resolve to the users home directory. | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 8.1.2 Ensure only one remote console connection is permitted to a VM at any time | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.2.2 Ensure unnecessary CD/DVD devices are disconnected | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.21 Disable Host Guest File System Server | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.5.1 Prevent virtual machines from taking over resources - CPU Share Level | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.5.1 Prevent virtual machines from taking over resources - Num Mem Shares | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.5.2 Ensure hardware-based 3D acceleration is disabled | CIS VMware ESXi 6.5 v1.0.0 Level 2 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 8.6.2 Disable virtual disk shrinking | CIS VMware ESXi 5.1 v1.0.1 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.1 Disable VIX messages from the VM | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.3 Do not send host information to guests | CIS VMware ESXi 5.5 v1.2.0 Level 2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
