| 2.0 Install & Config - 'Disable RIPv1' | TNS NetApp Data ONTAP 7G | NetApp | |
| 2.0 Install & Config - 'Enable SSLv3' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.2 Ensure rsh client is not installed - rsh-client | CIS Debian 9 Server L1 v1.0.1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.rules.minimum >= 8' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.rules.minimum.alphabetic = 2' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.rules.minimum.digit = 1' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.rules.minimum.symbol = 1' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.5 Autologout - 'autologout.console.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.5 Autologout - 'ssh.idle.timeout <= 300' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.7 Network & IP Options - 'ip.match_any_ifaddr = off' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.7 Network & IP Options - 'ip.ping_throttle.drop_level <= 100' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.8 Protocol Access Controls - 'interface.blocked.iscsi has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.9 Ensure the maximum log file size is set correctly | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.2 Data ONTAP (Software) Mgmt - 'httpd.admin.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 3.2 Data ONTAP (Software) Mgmt - 'Use e0M as the Data ONTAP management port' | TNS NetApp Data ONTAP 7G | NetApp | |
| 3.5 Ensure Access to Audit Records Is Controlled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure excessive function privileges are revoked | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.2 SnapMirror - 'replication.throttle.incoming.max_kbs has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 SnapMirror - 'snapmirror.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 5.2 SnapMirror - 'snapmirror.log.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.3.16 Collect Changes to System Administration Scope (sudoers) | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.5 Restrict Access to the su Command - wheel:x:10:root, <user list>' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 7.2 Ensure logging of replication commands is configured | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | ACCESS CONTROL |
| 7.4 Ensure WAL archiving is configured and functional | CIS PostgreSQL 14 DB v 1.2.0 | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.2.18 Check for Duplicate Group Names | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 18.9.31.1 (L2) Ensure 'Allow Clipboard synchronization across devices' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.1 (L2) Ensure 'Allow Clipboard synchronization across devices' is set to 'Disabled' | CIS Microsoft Windows Server 2022 Stand-alone v1.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.1 (L2) Ensure 'Allow Clipboard synchronization across devices' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.52.2 Ensure 'Prevent the usage of OneDrive for file storage on Windows 8.1' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 18.10.51.2 (L1) Ensure 'Prevent the usage of OneDrive for file storage on Windows 8.1' is set to 'Enabled' | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 18.10.51.2 (L1) Ensure 'Prevent the usage of OneDrive for file storage on Windows 8.1' is set to 'Enabled' | CIS Windows Server 2012 R2 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| AIX7-00-002016 - AIX must provide audit record generation functionality for DoD-defined auditable events. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| ALMA-09-008490 - AlmaLinux OS 9 must prevent users from disabling the Standard Mandatory DOD Notice and Consent Banner for graphical user interfaces. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-023560 - AlmaLinux OS 9 must configure a DNS processing mode set be Network Manager. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-041050 - AlmaLinux OS 9 must restrict access to the kernel message buffer. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-044790 - AlmaLinux OS 9 must clear memory when it is freed to prevent use-after-free attacks. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-045670 - AlmaLinux OS 9 audit system must audit local events. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| ALMA-09-055350 - AlmaLinux OS 9 must securely compare internal information system clocks at least every 24 hours. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001021 The macOS system must be configured to audit all changes of object attributes. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| APPL-14-001130 The macOS system must configure audit_control to mode 440 or less permissive. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001021 - The macOS system must be configured to audit all changes of object attributes. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| DG0041-ORACLE11 - Use of the DBMS installation account should be logged. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| MD7X-00-007400 MongoDB must provide an immediate real-time alert to appropriate support staff of all audit log failures. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| O112-BP-024200 - Use of the DBMS installation account must be logged. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-BP-024200 - Use of the DBMS installation account must be logged. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-P2-012800 - The DBMS must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | DISA STIG Oracle 12c v3r2 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-020240 - The SUSE operating system must generate audit records for all uses of the privileged functions. | DISA SLES 12 STIG v3r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SLES-15-030640 - The SUSE operating system must generate audit records for all uses of the privileged functions. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| SOL-11.1-080020 - The system must implement non-executable program stacks. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| VCRP-70-000001 - Envoy must drop connections to disconnected clients. | DISA STIG VMware vSphere 7.0 RhttpProxy v1r1 | Unix | ACCESS CONTROL |
