| 2.3.2 Ensure rsh client is not installed - rsh-client | CIS Debian 9 Workstation L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.3.2 Ensure rsh client is not installed - rsh-redone-client | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 3.1.18 Ensure 'debug_print_plan' is disabled | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure OverRide Is Disabled for the OS Root Directory | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.4 Configure logrotate - '/var/log/cron' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/secure' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.5 Restrict Access to the su Command - auth required pam_wheel.so use_uid' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.2.17 Check for Duplicate User Names | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 11.2 Remove OS Information from Login Warning Banners - /etc/issue | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-003760 - AlmaLinux OS 9 must implement DOD-approved TLS encryption in the GnuTLS package. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-004970 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-005300 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-006290 - AlmaLinux OS 9 must require a boot loader password. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-007060 - AlmaLinux OS 9 must enable kernel parameters to enforce discretionary access control on hardlinks. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-040830 - AlmaLinux OS 9 must restrict exposed kernel pointer addresses access. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-041160 - AlmaLinux OS 9 must prevent kernel profiling by nonprivileged users. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-000900 - The EDB Postgres Advanced Server must protect against a user falsely repudiating having performed organization-defined actions. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-001000 - The EDB Postgres Advanced Server must provide audit record generation capability for DOD-defined auditable events within all EDB Postgres Advanced Server/database components. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-001200 - The EDB Postgres Advanced Server must generate audit records when privileges/permissions are retrieved. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-001400 - The EDB Postgres Advanced Server must initiate support of session auditing upon startup. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-002200 - The EDB Postgres Advanced Server must include additional, more detailed, organization-defined information in the audit records for audit events identified by type, location, or subject. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-003300 - The EDB Postgres Advanced Server software installation account must be restricted to authorized users. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| EPAS-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-006500 - The EDB Postgres Advanced Server must provide nonprivileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-006600 - The EDB Postgres Advanced Server must reveal detailed error messages only to the ISSO, ISSM, SA, and DBA. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-006900 - The EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in storage. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | ACCESS CONTROL |
| EPAS-00-007510 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | ACCESS CONTROL |
| EPAS-00-008100 - The EDB Postgres Advanced Server must provide an immediate real-time alert to appropriate support staff of all audit log failures. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-008800 - The EDB Postgres Advanced Server must require users to reauthenticate when organization-defined circumstances or situations require reauthentication. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-009600 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during reception. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-011000 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is created. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-011100 - Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-011300 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to delete privileges/permissions occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-011700 - Audit records must be generated when unsuccessful attempts to delete categorized information (e.g., classification levels/security levels) occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-012000 - The EDB Postgres Advanced Server must generate audit records for all privileged activities or other system-level access. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-012300 - The EDB Postgres Advanced Server must generate audit records when concurrent logons/connections by the same user from different workstations occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| EPAS-00-012400 - The EDB Postgres Advanced Server must be able to generate audit records when successful accesses to objects occur. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| OL08-00-030150 - OL 8 must generate audit records for all account creation events that affect "/etc/passwd". | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030172 - OL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers.d/". | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030180 - The OL 8 audit package must be installed. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| OL08-00-030181 - OL 8 audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| RHEL-08-030160 - RHEL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030180 - The RHEL 8 audit package must be installed. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654215 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654220 - RHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020000 - Audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events - enabled | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| UBTU-16-020000 - Audit records must contain information to establish what type of events occurred, the source of events, where events occurred, and the outcome of events - installed | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| VCPG-67-000999 - The version of PostgreSQL running on the system must be a supported version. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPG-70-000004 - VMware Postgres must be configured to overwrite older logs when necessary. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
