| 2.06 listener.ora - 'Use IP addresses rather than hostnames' | CIS v1.1.0 Oracle 11g OS L2 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.2 Encrypt user data across the network - 'authentication = Data_Encrypt' | CIS IBM DB2 OS L2 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.4 Disable data links support - 'datalinks = no' | CIS IBM DB2 OS L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.11 Authenticate federated users at the instance level - 'fed_noauth = no' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
| 3.1.14 Set maximum connection limits - 'max_coordagents <= 100' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
| 3.2.2 Auto-restart after abnormal termination - 'autorestart = on' | CIS IBM DB2 OS L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.11 Establish retention set size for backups - 'num_db_backups <= 100' | CIS IBM DB2 OS L2 v1.2.0 | Unix | CONTINGENCY PLANNING, SYSTEM AND INFORMATION INTEGRITY |
| 3.3.4 Do not execute expired tasks - 'exec_exp_task = no' | CIS IBM DB2 OS L2 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.18 spfile<sid>.ora - 'audit_sys_operations = TRUE' | CIS v1.1.0 Oracle 11g OS L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.23 sqlnet.ora - 'sqlnet.inbound_connect_timeout = 3' | CIS v1.1.0 Oracle 11g OS L2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.27 sqlnet.ora - 'sqlnet.allowed_logon_version = 11' | CIS v1.1.0 Oracle 11g OS L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.31 init.ora - 'sec_return_server_release_banner = FALSE' | CIS v1.1.0 Oracle 11g OS L2 | Unix | CONFIGURATION MANAGEMENT |
| 5.0.1 Enable Backup Redundancy | CIS IBM DB2 OS L2 v1.2.0 | Unix | |
| 5.01 OAS - 'General - Review requirement for integrity and confidentiality requirements' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 5.12 OAS - 'SSL Tab - SSL is preferred method. If PKI is not possible, use OAS Integrity/Encryption.' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 5.15 OAS - 'SSL Client DN Match - Set tnsnames file to include ssl_server_cert_dn parameter with the DN of the certificate' | CIS v1.1.0 Oracle 11g OS L2 | Unix | CONFIGURATION MANAGEMENT |
| 5.19 Encryption - 'Use RAW or BLOB for the storage of encrypted data' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 5.20 Encryption - 'If keys are stored in a table in the database, access to the keys should be limited under a secure role' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 7.0.1 Establish an administrator group - 'sysadm_group value' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
| 12.37 Alerts on high priority incidents - 'Create processes to alert' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 12.42 Decommissioned applications - 'Remove all components' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 12.47 External account access for batch processes - 'Disallow' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 12.52 Multiple listeners - 'Create separate listeners for client and administratorion' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 12.53 Policy Caching - 'Policy caches must be purged' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 12.56 DataGuard Auth - 'Authenticate Data Guard with SSL cerfiticates' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 14.06 Oracle Label Security - 'Where applicable and possible, store labels in the Oracle Internet Directory(OID)' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| 14.09 Backups on system disks - 'Verify permissions' | CIS v1.1.0 Oracle 11g OS L2 | Unix | |
| AOSX-14-001044 - The macOS system must generate audit records for DoD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001044 - The macOS system must generate audit records for DoD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001044 - The macOS system must generate audit records for DoD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| CIS_Apache_HTTP_Server_2.4_v2.2.0_L1.audit from CIS Apache HTTP Server 2.4 Benchmark v2.2.0 | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | |
| CIS_Fedora_28_Family_Linux_Server_L1_v2.0.0.audit from CIS Fedora 28 Family Linux Benchmark v2.0.0 | CIS Fedora 28 Family Linux Server L2 v2.0.0 | Unix | |
| CIS_Google_Kubernetes_Engine_GKE_v1.7.0_L1.audit from CIS Google Kubernetes Engine (GKE) Benchmark v1.7.0 | CIS Google Kubernetes Engine (GKE) v1.7.0 L1 | Unix | |
| CIS_Microsoft_Intune_for_Office_v1.1.0_L1.audit from CIS Microsoft Intune for Office Benchmark v1.1.0 | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | |
| CIS_Microsoft_Windows_10_Enterprise_v4.0.0_L2.audit from CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 | Windows | |
| CIS_Microsoft_Windows_11_Enterprise_v4.0.0_L1.audit from CIS Microsoft Windows 11 Enterprise Benchmark v4.0.0 | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | |
| CIS_Microsoft_Windows_Server_2016_STIG_v3.0.0_L1_MS.audit from CIS Microsoft Windows Server 2016 STIG Benchmark v3.0.0 | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | |
| CIS_Microsoft_Windows_Server_2022_STIG_v2.0.0_L2_Member_Server.audit from CIS Microsoft Windows Server 2022 STIG Benchmark v2.0.0 | CIS Microsoft Windows Server 2022 STIG v2.0.0 L2 Member Server | Windows | |
| CIS_MS_Office_Word_2013_v1.1.0.audit from CIS Microsoft Office Word 2013 Benchmark v1.1.0 | CIS Microsoft Office Word 2013 v1.1.0 | Windows | |
| CIS_Red_Hat_Enterprise_Linux_7_v4.0.0_L2_Workstation.audit from CIS Red Hat Enterprise Linux 7 Benchmark v4.0.0 | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Workstation | Unix | |
| GEN007980 - If the system is using LDAP for authentication or account information, the system must use a TLS connection using FIPS 140-2 approved cryptographic algorithms - configured | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| OL08-00-030260 - OL 8 must generate audit records for any uses of the "chcon" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-08-030290 - Successful/unsuccessful uses of the passwd command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030300 - Successful/unsuccessful uses of the mount command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030311 - Successful/unsuccessful uses of postdrop in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030312 - Successful/unsuccessful uses of postqueue in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030313 - Successful/unsuccessful uses of semanage in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030316 - Successful/unsuccessful uses of setsebool in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030330 - Successful/unsuccessful uses of the setfacl command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030340 - Successful/unsuccessful uses of the pam_timestamp_check command in RHEL 8 must generate an audit record. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
