| 1.7.2 Ensure local login warning banner is configured properly | CIS Debian 10 Server L1 v2.0.0 | Unix | ACCESS CONTROL |
| 1.7.3 Ensure remote login warning banner is configured properly | CIS Debian 10 Server L1 v2.0.0 | Unix | ACCESS CONTROL |
| 1.8.18 Ensure graphical user interface automounter is disabled - automount=false | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 1.8.18 Ensure graphical user interface automounter is disabled - autorun-never | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| 2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED' | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED' | CIS Oracle Server 18c DB Traditional Auditing v1.1.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.2.2 Ensure 'AUDIT_TRAIL' Is Set to 'DB', 'XML', 'OS', 'DB,EXTENDED', or 'XML,EXTENDED' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 2.7 Ensure 'password_lifetime' is Less Than or Equal to '365' | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Ensure 'password_lifetime' is Less Than or Equal to '365' | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| 5.9 Ensure DML/DDL Grants are Limited to Specific Databases and Users | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.10 Securely Define Stored Procedures and Functions DEFINER and INVOKER | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.10 Securely Define Stored Procedures and Functions DEFINER and INVOKER | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 6.5 Ensure Audit Filters Capture Connection Attempts | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | AUDIT AND ACCOUNTABILITY |
| 7.4 Set 'default_password_lifetime' to Require a Yearly Password Change | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 7.5 Ensure Password Complexity Policies are in Place | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-004750 - AlmaLinux OS 9 must automatically expire temporary accounts within 72 hours. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-007280 - AlmaLinux OS 9 must audit uses of the "execve" system call. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL |
| ALMA-09-009700 - AlmaLinux OS 9 must ensure cryptographic verification of vendor software packages. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-016080 - AlmaLinux OS 9 /etc/passwd- file must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-017070 - AlmaLinux OS 9 /etc/shadow file must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-021140 - AlmaLinux OS 9 SSH daemon must not allow known hosts authentication. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-021910 - AlmaLinux OS 9 effective dconf policy must match the policy keyfiles. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-023780 - AlmaLinux OS 9 must prevent special devices on nonroot local partitions. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-025430 - AlmaLinux OS 9 must use a separate file system for /var. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-026640 - AlmaLinux OS 9 must mount /dev/shm with the noexec option. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-026750 - AlmaLinux OS 9 must mount /dev/shm with the nosuid option. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-028180 - AlmaLinux OS 9 must mount /var/tmp with the nosuid option. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-030600 - AlmaLinux OS 9 must not have the nfs-utils package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-035440 - AlmaLinux OS 9 must block unauthorized peripherals before establishing a connection. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-036320 - AlmaLinux OS 9 must enforce password complexity by requiring that at least one special character be used. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-044350 - AlmaLinux OS 9 /var/log directory must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ALMA-09-049300 - AlmaLinux OS 9 must audit all uses of the kmod command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-050180 - AlmaLinux OS 9 must generate audit records for any use of the "setfacl" command. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| AOSX-14-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-11-001001 - The macOS system must generate audit records for all account creations, modifications, disabling, and termination events; privileged activities or other system-level access; all kernel module load, unload, and restart actions; all program initiations; and organizationally defined events for all non-local maintenance and diagnostic sessions. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-13-004022 - The macOS system must require users to reauthenticate for privilege escalation when using the "sudo" command. | DISA STIG Apple macOS 13 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003050 The macOS system must enforce multifactor authentication for logon. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ESXI-80-000049 - The ESXi host must uniquely identify and must authenticate organizational users by using Active Directory. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | VMware | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| OL08-00-030190 - OL 8 must generate audit records for any use of the "su" command. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL08-00-030602 - OL 8 must allocate an "audit_backlog_limit" of sufficient size to capture processes that start prior to the audit daemon. | DISA Oracle Linux 8 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-40-000107 The Photon operating system must audit the execution of privileged functions. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| RHEL-09-255035 - RHEL 9 SSHD must accept public key authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-271035 - RHEL 9 must prevent a user from overriding the disabling of the graphical user interface autorun function. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-654045 - RHEL 9 must audit all uses of the chcon command. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-671010 - RHEL 9 must enable FIPS mode. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-12-010114 - The SUSE operating system must not be configured to bypass password requirements for privilege escalation. | DISA SLES 12 STIG v3r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-030290 - The SUSE operating system must generate audit records for all uses of the chmod, fchmod, and fchmodat system calls. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SRG-OS-000193-ESXI5 - The Image Profile and VIB Acceptance Levels must be verified. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000147 - The system must ensure uniqueness of CHAP authentication secrets. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000156 - The contents of exposed configuration files must be verified. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
