| 4.3.2 Ensure DNS Filter logs all DNS queries and responses | CIS Fortigate 7.0.x v1.3.0 L1 | FortiGate | AUDIT AND ACCOUNTABILITY |
| GEN005507 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN005507 - The SSH daemon must be configured to only use Message Authentication Codes (MACs) employing FIPS 140-2 approved cryptographic hash algorithms. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| PPS9-00-007500 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | ACCESS CONTROL |
| PPS9-00-007700 - The EDB Postgres Advanced Server must utilize centralized management of the content captured in audit records generated by all components of the EDB Postgres Advanced Server. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-007800 - The EDB Postgres Advanced Server must provide centralized configuration of the content to be captured in audit records generated by all components of the EDB Postgres Advanced Server. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-008800 - The EDB Postgres Advanced Server must require users to re-authenticate when organization-defined circumstances or situations require re-authentication. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| PPS9-00-009900 - Security-relevant software updates to the EDB Postgres Advanced Server must be installed within the time period directed by an authoritative source (e.g., IAVM, CTOs, DTMs, and STIGs). | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-010300 - Audit records must be generated when unsuccessful attempts to access categorized information (e.g., classification levels/security levels) occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-010400 - The EDB Postgres Advanced Server must generate audit records when privileges/permissions are added. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011100 - Audit records must be generated when unsuccessful attempts to create categorized information (e.g., classification levels/security levels) occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011150 - Audit records must be generated when unsuccessful attempts to modify categorized information (e.g., classification levels/security levels) occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011500 - The EDB Postgres Advanced Server must generate audit records when unsuccessful attempts to delete security objects occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011600 - Audit records must be generated when categorized information (e.g., classification levels/security levels) is deleted. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-011800 - The EDB Postgres Advanced Server must generate audit records when successful logons or connections occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| PPS9-00-012300 - The EDB Postgres Advanced Server must generate audit records when concurrent logons/connections by the same user from different workstations occur. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654205 - Successful/unsuccessful uses of the umount system call in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| RHEL-09-654210 - Successful/unsuccessful uses of the umount2 system call in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030010 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-15-030040 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| SLES-15-030130 - The SUSE operating system must generate audit records for all uses of the crontab command. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030470 - The SUSE operating system must generate audit records for all modifications to the tallylog file must generate an audit record. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SLES-15-030480 - The SUSE operating system must generate audit records for all modifications to the lastlog file. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception). | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| UBTU-16-020400 - Successful/unsuccessful uses of the ssh-agent command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020460 - The audit system must be configured to audit any usage of the setxattr system call - user b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020540 - Successful/unsuccessful uses of the fchownat command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020550 - Successful/unsuccessful uses of the lchown command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020570 - Successful/unsuccessful uses of the fchmod command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020570 - Successful/unsuccessful uses of the fchmod command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020610 - Successful/unsuccessful uses of the ftruncate command must generate an audit record - EACCES b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020620 - Successful/unsuccessful uses of the creat command must generate an audit record - EPERM b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020630 - Successful/unsuccessful uses of the openat command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020640 - Successful/unsuccessful uses of the open_by_handle_at command must generate an audit record - EACCES b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020640 - Successful/unsuccessful uses of the open_by_handle_at command must generate an audit record - EPERM b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020650 - Successful/unsuccessful uses of the sudo command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020670 - Successful/unsuccessful uses of the chsh command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020760 - Successful/unsuccessful uses of the passwd command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020780 - Successful/unsuccessful uses of the gpasswd command must generate an audit record. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020830 - Successful/unsuccessful uses of the init_module command must generate an audit record - b32 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-16-020840 - Successful/unsuccessful uses of the finit_module command must generate an audit record - b64 | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| UBTU-24-200300 - Ubuntu 24.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCPG-67-000008 - All VCDB tables must be owned by the 'vc' user account - vc user account. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCPG-67-000020 - VMware Postgres must have log collection enabled. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPG-67-000023 - VMware Postgres must use Coordinated Universal Time (UTC) for log timestamps. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPG-70-000002 - VMware Postgres log files must contain required fields. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPG-70-000006 - All vCenter database (VCDB) tables must be owned by the 'vc' user account. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCPG-70-000009 - VMware Postgres must require authentication on all connections. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-70-000018 - VMware Postgres must be configured to log to 'stderr'. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPG-70-000020 - VMware Postgres must use Coordinated Universal Time (UTC) for log timestamps. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
