| 1.1 Create local-settings.js file - general.config.filename | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | ACCESS CONTROL |
| 1.1 Create local-settings.js file - general.config.obscure | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.1 Create local-settings.js file - general.config.obscure_value | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1 Remove extraneous files and directories | CIS Apache Tomcat 11 v1.0.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.6 Ensure separate partition exists for /var | CIS Ubuntu Linux 18.04 LXD Host L2 Workstation v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.7 Ensure separate partition exists for /var/tmp | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.7 Ensure separate partition exists for /var/tmp | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.7 Ensure separate partition exists for /var/tmp | CIS Red Hat 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.10 Ensure separate partition exists for /var | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.1.11 Ensure separate partition exists for /var/log | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.11 Ensure separate partition exists for /var/log | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.11 Ensure separate partition exists for /var/log | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.11 Ensure separate partition exists for /var/log/audit | CIS Debian 8 Workstation L2 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.11 Ensure separate partition exists for /var/tmp | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.12 Ensure separate partition exists for /var/log/audit | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.12 Ensure separate partition exists for /var/log/audit | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.12 Ensure separate partition exists for /var/log/audit | CIS Red Hat 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.12 Ensure separate partition exists for /var/log/audit | CIS Debian Family Workstation L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.13 Ensure separate partition exists for /home | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.13 Ensure separate partition exists for /home | CIS Red Hat 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.15 Ensure separate partition exists for /var/log | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.15 Ensure separate partition exists for /var/log | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.16 Ensure separate partition exists for /var/log/audit | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.16 Ensure separate partition exists for /var/log/audit | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.16 Ensure separate partition exists for /var/log/audit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.16 Ensure separate partition exists for /var/log/audit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.1.16 Ensure separate partition exists for /var/log/audit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 1.1.17 Ensure separate partition exists for /home | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.17 Ensure separate partition exists for /home | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1 Secure DB2 Runtime Library | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| 6.3 Tracking Protection - privacy.donottrackheader.enabled | CIS Mozilla Firefox 38 ESR Windows L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.3 Tracking Protection - privacy.donottrackheader.value | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.3 Tracking Protection - privacy.trackingprotection.enabled | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 18.8.7.1 (L1) Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | MEDIA PROTECTION |
| 18.8.7.2 (L1) Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | MEDIA PROTECTION |
| 18.8.7.2 (L1) Ensure 'Allow remote access to the Plug and Play interface' is set to 'Disabled' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | MEDIA PROTECTION |
| Ensure separate partition exists for /home | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure separate partition exists for /var/log | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| Ensure separate partition exists for /var/log/audit | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| FFOX-00-000013 - Firefox must be configured to disable the installation of extensions. | DISA STIG Mozilla Firefox Windows v6r6 | Windows | CONFIGURATION MANAGEMENT |
| OH12-1X-000201 - The OHS htdocs directory must not contain any default files. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000302 - A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000306 - The operating system must detect unauthorized changes to software and information. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000307 - The operating system must ensure unauthorized, security-relevant configuration changes detected are tracked. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000002 - The system must use a separate file system for /var. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000304 - The operating system must employ automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization defined frequency. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000306 - The operating system must detect unauthorized changes to software and information. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-100030 - The systems physical devices must not be assigned to non-global zones. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| VCWN-65-000022 - The vCenter Server for Windows services must be ran using a service account instead of a built-in Windows account. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| WG080 W22 - Installation of a compiler on production web server must be prohibited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
