| 2.1 Ensure that authentication is enabled for MongoDB databases | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3 Ensure authentication is enabled in the sharded cluster | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authenticationMechanisms | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.4 Ensure an industry standard authentication mechanism is used - authorization | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Ensure that MongoDB only listens for network connections on authorized interfaces | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.3 Ensure that MongoDB is run using a Least Privileges, dedicated service account | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | |
| 3.3 Ensure that MongoDB is run using a non-privileged, dedicated service account | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | |
| 4.2 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Ensure Federal Information Processing Standard (FIPS) is enabled | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.1 Ensure that system activity is audited | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 6.1 Mongodb Database Running with Least Privileges | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | |
| 6.1 Mongodb Database Running with Least Privileges | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | |
| 6.2 Ensure that MongoDB uses a non-default port | CIS MongoDB 3.4 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.2 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 6.3 Ensure that operating system resource limits are set for MongoDB | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.3 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 3.6 L2 Windows Audit v1.1.0 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 6.4 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 3.4 L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 6.4 Ensure that server-side scripting is disabled if not needed | CIS MongoDB 3.2 L2 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 7.1 Ensure authentication file permissions are set correctly | CIS MongoDB 3.6 L1 Windows Audit v1.1.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 7.2 Ensure that database file permissions are set correctly | CIS MongoDB 3.2 L1 Windows Audit v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.1 (L1) Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.2.1 Ensure 'Audit Application Group Management' is set to 'Success and Failure' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Account Lockout | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Account Lockout | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Credential Validation | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Credential Validation | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Credential Validation | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Group Membership | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit PNP Activity | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Process Creation | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Process Creation | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Removable Storage | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security State Change | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security System Extension | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Security System Extension | MSCT Windows Server 2016 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Special Logon | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Special Logon | MSCT Windows 10 v1507 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit Special Logon | MSCT Windows Server 2012 R2 DC v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Audit System Integrity | MSCT Windows Server 2016 MS v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| WN10-AU-000045 - The system must be configured to audit Detailed Tracking - PNP Activity successes. | DISA Microsoft Windows 10 STIG v3r6 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
