| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 5.1 Verify AppArmor | CIS Docker 1.11.0 v1.0.0 L2 Docker | Unix | ACCESS CONTROL |
| 5.2.21 Ensure SSH MaxStartups is configured | CIS Debian Family Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.4.1 Ensure password creation requirements are configured - dcredit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 Ensure password creation requirements are configured - lcredit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1 Ensure password creation requirements are configured - password-auth retry=3 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.3 Ensure MaxKeepAliveRequests Is Set Properly | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Ensure MaxKeepAliveRequests Is Set Properly | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Ensure MaxKeepAliveRequests Is Set Properly | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Ensure MaxKeepAliveRequests is Set to a Value of 100 or Greater | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| EX16-ED-000630 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000650 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003540 - The system must implement non-executable program stacks - 'kernel.exec-shield' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN003540 - The system must implement non-executable program stacks - 'kernel.randomize_va_space' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000079 - The system must limit the ability of processes to have simultaneous write and execute access to memory. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010020 - The Red Hat Enterprise Linux operating system must be configured so that the cryptographic hash of system files and commands matches vendor values. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010062 - The Red Hat Enterprise Linux operating system must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010070 - The Red Hat Enterprise Linux operating system must initiate a screensaver after a 15-minute period of inactivity for graphical user interfaces. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010081 - The Red Hat Enterprise Linux operating system must prevent a user from overriding the screensaver lock-delay setting for the graphical user interface. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010082 - The Red Hat Enterprise Linux operating system must prevent a user from overriding the session idle-delay setting for the graphical user interface. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010118 - The Red Hat Enterprise Linux operating system must be configured so that /etc/pam.d/passwd implements /etc/pam.d/system-auth when changing passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010240 - The Red Hat Enterprise Linux operating system must be configured so that passwords are restricted to a 24 hours/1 day minimum lifetime. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010270 - The Red Hat Enterprise Linux operating system must be configured so that passwords are prohibited from reuse for a minimum of five generations. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010300 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using an empty password. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010440 - The Red Hat Enterprise Linux operating system must not allow an unattended or automatic logon to the system via a graphical user interface. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-021110 - The Red Hat Enterprise Linux operating system must be configured so that the cron.allow file, if it exists, is owned by root. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-021120 - The Red Hat Enterprise Linux operating system must be configured so that the cron.allow file, if it exists, is group-owned by root. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-021610 - The Red Hat Enterprise Linux operating system must be configured so that the file integrity tool is configured to verify extended attributes. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-030300 - The Red Hat Enterprise Linux operating system must off-load audit records onto a different system or media from the system being audited. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030700 - The Red Hat Enterprise Linux operating system must audit all uses of the sudoers file and all files in the /etc/sudoers.d/ directory. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-07-040000 - The Red Hat Enterprise Linux operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-040330 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using RSA rhosts authentication. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040340 - The Red Hat Enterprise Linux operating system must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-040360 - The Red Hat Enterprise Linux operating system must display the date and time of the last successful account logon upon an SSH logon. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-040380 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using known hosts authentication. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040390 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use the SSHv2 protocol. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
