| 1.1.1.7 Ensure mounting of udf filesystems is disabled - modprobe | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2 Ensure /tmp is configured | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.6 Ensure separate partition exists for /var | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.9 Ensure nosuid option set on /var/tmp partition | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.16 Ensure nosuid option set on /dev/shm partition | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.18 Ensure nodev option set on removable media partitions | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.19 Ensure nosuid option set on removable media partitions | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.2 Ensure bootloader password is set | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.4 Ensure interactive boot is not enabled | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.3 Ensure address space layout randomization (ASLR) is enabled - sysctl | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is installed | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 1.7.2 Ensure local login warning banner is configured properly - banner text | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.8.3 Ensure last logged in user display is disabled - disable user list | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.8.3 Ensure last logged in user display is disabled - system-db:gdm | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.8.3 Ensure last logged in user display is disabled - user-db:user | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Ensure discard services are not enabled - discard-dgram | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Ensure discard services are not enabled - discard-stream | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.5 Ensure time services are not enabled - time-stream | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.6 Ensure rsh server is not enabled - rlogin | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.1.9 Ensure rsync service is not enabled | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1.1 Ensure time synchronization is in use | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.2 Ensure chrony is configured - OPTIONS | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.3 Ensure ntp is configured - restrict -4 | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.3 Ensure ntp is configured - restrict -6 | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.9 Ensure HTTP server is not installed | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.16 Ensure nfs-utils is not installed or the nfs-server service is disabled | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.1.4 Ensure auditing for processes that start prior to auditd is enabled | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.3 Ensure system is disabled when audit logs are full - 'space_left_action = email' | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3 Ensure events that modify date and time information are collected - auditctl /etc/localtime | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.3 Ensure events that modify date and time information are collected - auditctl clock_settime 32-bit | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.3 Ensure events that modify date and time information are collected - rules.d clock_settime 64-bit | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/group | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/gshadow | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify user/group information are collected - auditctl /etc/shadow | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/passwd | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify user/group information are collected - rules.d /etc/security/opasswd | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.5 Ensure events that modify the system's network environment are collected - rules.d /etc/hosts | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.1.5 Ensure events that modify the system's network environment are collected - rules.d /etc/issue | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 4.1.6 Ensure events that modify the system's Mandatory Access Controls are collected - auditctl /etc/selinux/ | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl chown 64-bit | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure discretionary access control permission modification events are collected - auditctl setxattr 32-bit | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure discretionary access control permission modification events are collected - rules.d chmod 64-bit | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.9 Ensure discretionary access control permission modification events are collected - rules.d setxattr 32-bit | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 32-bit | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure unsuccessful unauthorized file access attempts are collected - rules.d EACCES 64-bit | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.11 Ensure use of privileged commands is collected | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.15 Ensure system administrator command executions (sudo) are collected - rules.d 32-bit | CIS CentOS 6 Server L2 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.16 Ensure kernel module loading and unloading is collected - rules.d modules | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.7 Ensure SSH X11 forwarding is disabled - sshd_config | CIS CentOS 6 Server L2 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
