| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2016 Database L1 DB v1.4.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2016 Database L1 AWS RDS v1.4.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2022 Database L1 DB v1.1.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2017 Database L1 AWS RDS v1.3.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.10 Ensure Windows local groups are not SQL Logins | CIS SQL Server 2022 Database L1 AWS RDS v1.1.0 | MS_SQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1 Ensure Database and Application User Input is Sanitized | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| 6.1.1.4 Ensure only one logging system is in use | CIS Debian Linux 12 v1.1.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.4 Ensure only one logging system is in use | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.4 Ensure only one logging system is in use | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.1.4 Ensure only one logging system is in use | CIS Debian Linux 12 v1.1.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS AlmaLinux OS 9 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS Rocky Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.1.4 Ensure only one logging system is in use | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3 Mask and zone SAN resources appropriately | CIS VMware ESXi 5.5 v1.2.0 Level 1 | VMware | |
| SQL2-00-002400 - SQL Server must enforce access control policies to restrict the Alter any event session permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-002500 - SQL Server must enforce access control policies to restrict the Alter any event notification permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-002600 - SQL Server must enforce access control policies to restrict the Alter any endpoint permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-002800 - SQL Server must enforce access control policies to restrict the Alter any credential permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-003100 - SQL Server must not grant users direct access to the Alter any server role permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-003200 - SQL Server must not grant users direct access to the View server state permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-003400 - SQL Server must enforce access control policies to restrict the Authenticate server permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-003600 - SQL Server must enforce access control policies to restrict the Alter any server role permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-003700 - SQL Server must not grant users direct access to the Create server role permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-003900 - SQL Server must not grant users direct access to the Unsafe assembly permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-004200 - SQL Server must not grant users direct access control to the Shutdown permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-004300 - SQL Server must enforce access control policies to restrict the Alter any linked server permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-004400 - SQL Server must not grant users direct access to the View Any Database permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-004600 - SQL Server must enforce access control policies to restrict the Alter any availability group permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-004900 - SQL Server must not grant users direct access to the Alter resources permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-005100 - SQL Server must not grant users direct access to the Alter Settings permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-005200 - SQL Server must not grant users direct access to the Alter trace permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-005500 - SQL Server must not grant users direct access to the Alter any linked server permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-005900 - SQL Server must not grant users direct access to the Create any database permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-006200 - SQL Server must not grant users direct access to the Create endpoint permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-006400 - SQL Server must not grant users direct access to the Authenticate server permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-006600 - SQL Server must enforce access control policies to restrict the Alter any server audit permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-007000 - SQL Server must enforce access control policies to restrict the Create server role permission to only authorized roles. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-007400 - SQL Server must not grant users direct access to the Alter any server audit permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-007600 - SQL Server must not grant users direct access to the Alter any event notification permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-007800 - SQL Server must not grant users direct access to the Alter server state permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-008200 - SQL Server must not grant users direct access to the Alter any database permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
| SQL2-00-008300 - SQL Server must not grant users direct access to the Alter any endpoint permission. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | ACCESS CONTROL |
