| 2.05 listener.ora - 'Change default name of listener' | CIS v1.1.0 Oracle 11g OS L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.11 listener.ora - 'Change standard ports' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | CONFIGURATION MANAGEMENT |
| 3.11 init.ora - 'control_file parameter settings' | CIS v1.1.0 Oracle 11g OS Windows Level 1 | Windows | |
| 4.24 sqlnet.ora - 'sqlnet.expire_time = 10' | CIS v1.1.0 Oracle 11g OS Windows Level 2 | Windows | ACCESS CONTROL |
| 4.40 listener.ora - 'secure_protocol_listener_name = (TCP,IPC)' | CIS v1.1.0 Oracle 11g OS L1 | Unix | ACCESS CONTROL |
| 5.1.2.1 Ensure 'EXECUTE' is not granted to 'PUBLIC' on "Non-default" Packages | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.05 OAS - 'Integrity Protection - sqlnet.crypto_checksum_server = REQUIRED' | CIS v1.1.0 Oracle 11g OS L2 | Unix | ACCESS CONTROL |
| 5.5.1 Ensure password creation requirements are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 18.8.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.8.5.5 (NG) Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock' (MS Only) | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 NG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.4 (L1) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows 10 Stand-alone v4.0.0 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows Server 2019 v4.0.0 NG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows Server 2025 v1.0.0 NG DC | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.4 (NG) Ensure 'Turn On Virtualization Based Security: Require UEFI Memory Attributes Table' is set to 'True (checked)' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.5 (NG) Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock' (MS Only) | CIS Microsoft Windows Server 2025 v1.0.0 NG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock' (MS Only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 NG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock' (MS Only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.5.5 Ensure 'Turn On Virtualization Based Security: Credential Guard Configuration' is set to 'Enabled with UEFI lock' (MS Only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 NG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.10.4 (BL) Ensure 'Disable new DMA devices when this computer is locked' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.10.4 (BL) Ensure 'Disable new DMA devices when this computer is locked' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.10.4 (BL) Ensure 'Disable new DMA devices when this computer is locked' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.44.1 (NG) Ensure 'Allow auditing events in Microsoft Defender Application Guard' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | AUDIT AND ACCOUNTABILITY |
| 18.10.44.3 (NG) Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.44.3 (NG) Ensure 'Allow data persistence for Microsoft Defender Application Guard' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 90.2 (L1) Ensure 'Require UEFI Memory Attributes Table' is set to 'Require UEFI Memory Attributes Table' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Access this computer from the network | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow Basic authentication - Client - AllowBasic | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Allow drag and drop or copy and paste files - Internet Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow META REFRESH | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow only approved domains to use the TDC ActiveX control - Internet Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow updates to status bar via script - Internet Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Audit Authentication Policy Change | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Group Membership | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Other Account Management Events | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit PNP Activity | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security State Change | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Backup files and directories | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| BIND-9X-001052 - The BIND 9.x server implementation must limit the number of concurrent session client connections to the number of allowed dynamic update clients. | DISA BIND 9.x STIG v2r3 | Unix | ACCESS CONTROL |
| Choose drive encryption method and cipher strength | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Configure local setting override for reporting to Microsoft MAPS | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Deny log on locally | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| DG0012-ORACLE11 - Database software directories including DBMS configuration files are stored in dedicated directories separate from the host OS and other applications - 'No unauthorized directories exist in $ORACLE_BASE' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| Disallow Digest authentication | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| Disallow WinRM from storing RunAs credentials | MSCT Windows Server 2016 DC v1.0.0 | Windows | ACCESS CONTROL |
| O112-C2-014600 - The DBMS must support organizational requirements to enforce password encryption for storage. | DISA STIG Oracle 11.2g v2r5 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-232225 - RHEL 9 audit tools must be group-owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-232255 - All RHEL 9 local files and directories must have a valid owner. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
