| 1.5.1.4 Ensure permissions on /etc/motd are configured | CIS Google Container-Optimized OS v1.2.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.0 Install & Config - 'Disable SNMPv3' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SSHv1' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SSLv2' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.0 Install & Config - 'Disable Telnet' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Enable SSHv2' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 7 v1.1.0 L1 MongoDB | Unix | IDENTIFICATION AND AUTHENTICATION |
| 2.2 Ensure that MongoDB does not bypass authentication via the localhost exception | CIS MongoDB 6 v1.2.0 L1 MongoDB | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.2.2 Ensure rsh client is not installed | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure rsh client is not installed | CIS Debian Linux 12 v1.1.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure rsh client is not installed | CIS Debian Linux 12 v1.1.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.3.2 Ensure rsh client is not installed | CIS SUSE Linux Enterprise 12 v3.2.1 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.3.2 Ensure rsh client is not installed | CIS Debian 10 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.4 Password Security - 'security.passwd.lockout.numtries = 6' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.5 Autologout - 'autologout.console.timeout <= 5' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.8 Protocol Access Controls - 'interface.blocked.cifs is not blank' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.ftpd has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.ndmp has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'telnet.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 3.1 Storage System (Hardware) Management - 'Change the root account password after each use' | TNS NetApp Data ONTAP 7G | NetApp | |
| 3.1 Storage System (Hardware) Management - 'FW version >= 4.0' | TNS NetApp Data ONTAP 7G | NetApp | |
| 3.2 Data ONTAP (Software) Mgmt - 'httpd.admin.hostsequiv.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Data ONTAP (Software) Mgmt - 'Place e0M on a management VLAN' | TNS NetApp Data ONTAP 7G | NetApp | |
| 3.2 Data ONTAP (Software) Mgmt - 'ssh2.banner.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 3.3 Role-Based Access Control (RBAC) - 'RBAC has been implemented' | TNS NetApp Data ONTAP 7G | NetApp | |
| 5.4 CIFS - 'CIFS protocol is disabled' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.4 CIFS - 'cifs.audit.autosave.file.extension has been configured' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.4 CIFS - 'cifs.audit.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.4 CIFS - 'cifs.audit.logon_events.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.4 CIFS - 'cifs.smb2.client.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND INFORMATION INTEGRITY |
| 5.4 CIFS - 'ldap.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 5.4 CIFS - 'timed.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.5 NFS - 'nfs.kerberos.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5 NFS - 'nfs.kerberos.realm has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5 NFS - 'nfs.v3.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.5 NFS - 'nfs.v4.acl.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 5.5 NFS - 'nfs.v4.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.5 NFS - 'wafl.default_nt_user has been configured' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 5.5 NFS - 'wafl.wcc_minutes_valid has been configured' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 18.9.31.1 (L2) Ensure 'Allow Clipboard synchronization across devices' is set to 'Disabled' | CIS Microsoft Windows Server 2025 v1.0.0 L2 DC | Windows | CONFIGURATION MANAGEMENT |
| 18.9.31.1 (L2) Ensure 'Allow Clipboard synchronization across devices' is set to 'Disabled' | CIS Microsoft Windows Server 2019 v4.0.0 L2 MS | Windows | CONFIGURATION MANAGEMENT |
| ALMA-09-054250 - AlmaLinux OS 9 must take appropriate action when a critical audit processing failure occurs. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001001 The macOS system must be configured to audit all administrative action events. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| CISC-RT-000510 - The Cisco BGP switch must be configured to reject inbound route advertisements from a customer edge (CE) switch for prefixes that are not allocated to that customer. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | ACCESS CONTROL |
| DG0041-ORACLE11 - Use of the DBMS installation account should be logged. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| EX16-MB-000550 - The Exchange Receive connector timeout must be limited. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | ACCESS CONTROL |
| EX19-MB-000158 - The Exchange receive connector timeout must be limited. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | ACCESS CONTROL |
| O19C-00-010700 - Use of the Oracle Database installation account must be logged. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-013800 - Oracle Database must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-020340 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
