| 2.1.1 Ensure 'extproc' Is Not Enabled | CIS Oracle Database 19c v2.0.0 L1 RDBMS On Host OS Windows | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.1 Ensure 'extproc' Is Not Enabled | CIS Oracle Database 19c v2.0.0 L1 RDBMS On Host OS Unix | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_Amazon_Linux_2023_v1.0.0_L2_Server.audit from CIS Amazon Linux 2023 Benchmark v1.0.0 | CIS Amazon Linux 2023 v1.0.0 L2 Server | Unix | |
| CIS_IBM_DB2_12.1_v1.0.0_Level_1_OS_Linux.audit from CIS IBM DB2 12.1 v1.0.0 Benchmark | CIS IBM DB2 12.1 v1.0.0 Linux OS Level 1 | Unix | |
| CIS_Kubernetes_v1.24_v1.0.0_Level_1_Master.audit from CIS Kubernetes v1.24 Benchmark v1.0.0 | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master | Unix | CONFIGURATION MANAGEMENT |
| CIS_Microsoft_SQL_Server_2025_v1.0.0_L1_Database_Engine_Windows.audit from CIS Microsoft SQL Server 2025 v1.0.0 | CIS Microsoft SQL Server 2025 v1.0.0 L1 Database Engine Windows | Windows | |
| CIS_Microsoft_Windows_10_STIG_v1.0.0_CAT_II.audit from CIS Microsoft Windows 10 STIG v1.0.0 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | |
| CIS_MongoDB_Benchmark_Level_1_OS_Unix_v1.0.0.audit from CIS MongoDB Benchmark v1.0.0 | CIS MongoDB L1 Unix Audit v1.0.0 | Unix | |
| CIS_Oracle_Linux_8_STIG_v1.0.0_CAT_II.audit from CIS Oracle Linux 8 STIG v1.0.0 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | |
| DTAM154 - McAfee VirusScan On-Demand scan must be configured to scan memory for rootkits. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - A scheduled system backup job is configured | TNS FireEye | FireEye | CONTINGENCY PLANNING |
| FireEye - AAA failed logins are tracked | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - AAA is enabled | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - AAA lockout settings apply to the 'admin' user | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - AAA lockouts are enabled | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - AAA lockouts delay further attempts for at least 30 seconds | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - AAA lockouts occur after at most 5 failures | TNS FireEye | FireEye | |
| FireEye - AAA user mapping default | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Boot image must be signed | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Boot manager password is set | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Configuration auditing logs the required number of changes | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Custom SNORT rules are enabled | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Email encryption certificates are verified | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - FENet security content updates are applied automatically | TNS FireEye | FireEye | |
| FireEye - Greylists are enabled | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Guest images | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - IPMI should be connected to a restricted management network | TNS FireEye | FireEye | |
| FireEye - Local logging level is not overridden except by defaults | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Management interface is only accessible from specific IP ranges | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - NTP client is synchronized | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - NTP client uses a custom server | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - NTP is enabled | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Remote syslog is enabled | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Remote syslog logging level includes all errors and warnings | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Reports are run on a schedule | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - SNMP trap hosts that use community override use a secure community string | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP uses a secure community string | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP v3 users have passwords | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SNMP v3 uses AES instead of DES | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SNMP v3 uses SHA instead of MD5 | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SSH connections must be SSHv2 | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - SSH users are logged out after 15 minutes of inactivity or less | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - Time zone selection | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - USB media is not auto-mounted | TNS FireEye | FireEye | MEDIA PROTECTION |
| FireEye - User 'admin' SSH access is disabled | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - User connections are limited by subnet or VLAN | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - Web interface does not use the system self-signed certificate | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - YARA policy applies both customer and FireEye rules | TNS FireEye | FireEye | SECURITY ASSESSMENT AND AUTHORIZATION |
| FireEye - YARA rules are enabled | TNS FireEye | FireEye | SECURITY ASSESSMENT AND AUTHORIZATION |
| NIST_macOS_Monterey_800-53r5_low_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | |
