| 1.2.3 Ensure gpgcheck is globally activated | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.4 Ensure software packages have been digitally signed by a Certificate Authority (CA) | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Apache Is Installed From the Appropriate Binaries | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.5.5 Ensure kernel core dumps are disabled. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 1.6.1.4 Ensure SELinux policy is configured - config | CIS Amazon Linux 2 STIG v1.0.0 L2 | Unix | ACCESS CONTROL |
| 1.6.1.4 Ensure SELinux policy is configured - sestatus | CIS Amazon Linux 2 STIG v1.0.0 L2 | Unix | ACCESS CONTROL |
| 1.10 Ensure required packages for multifactor authentication are installed - esc | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.10 Ensure required packages for multifactor authentication are installed - pam_pkcs11 | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm package | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.11 Ensure host-based intrusion detection tool is used - MFEhiplsm process | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.1.2 Ensure the ypserv package has been removed | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.2.1 Ensure the screen package is installed. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 2.2.3 Ensure X Window System is not installed | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.10 Ensure FTP Server is not enabled | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.27 Ensure ldap_id_use_start_tls is set for LDAP. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.3 Ensure network interfaces are not in promiscuous mode | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.5 Ensure broadcast ICMP requests are ignored - /etc/sysctl.conf /etc/sysctl.d/* | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.5 Ensure broadcast ICMP requests are ignored - sysctl | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.1.2 Ensure system is disabled when audit logs are full - action_mail_acct | CIS Amazon Linux 2 STIG v1.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.1.2 Ensure system is disabled when audit logs are full - admin_space_left_action | CIS Amazon Linux 2 STIG v1.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.1.2 Ensure system is disabled when audit logs are full - space_left_action | CIS Amazon Linux 2 STIG v1.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.22 Ensure auditd service is active | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.32 Ensure no '.shosts' files exist on the system - .shosts files exist on the system | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.33 Ensure no 'shosts.equiv' files exist on the system - shosts.equiv files exist on the system | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 5.4.1.6 Ensure encrypted respresentation of passwords is set. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4.1.7 Ensure account administration utilities are configured to store only encrypted representations of passwords. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4.1.8 Ensure password expiration is 60 Day maximum for new users | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.9 Ensure password expiration is 60 Day maximum for exisiting passwords | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.1.10 Ensure no world writable files exist | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.11 Ensure no unowned files or directories exist | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.1.12 Ensure no ungrouped files or directories exist | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.25 Ensure users' 'dot' files have '0740' or less set. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 6.2.28 Ensure upon user creation a home directory is assigned. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 6.3 Ensure removal of software components after update | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 7.2 Disable System Accounts | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| JBOS-AS-000680 - Production JBoss servers must be supported by the vendor. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Red Hat Enterprise Linux 7 is installed | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | |
| Red Hat Enterprise Linux 9 is installed | CIS Red Hat EL9 Workstation L1 v1.0.0 | Unix | |
| Red Hat Enterprise Linux 9 is installed | CIS Red Hat EL9 Server L1 v1.0.0 | Unix | |
| Red Hat Linux 8 is installed | CIS Fedora 28 Family Linux Workstation L1 v2.0.0 | Unix | |
| Red Hat Linux 8 is installed | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | |
| RHEL-06-000011 - System security patches and updates must be installed and up-to-date. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-06-000275 - The operating system must employ cryptographic mechanisms to protect information in storage. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000276 - The operating system must protect the confidentiality and integrity of data at rest. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000277 - The operating system must employ cryptographic mechanisms to prevent unauthorized disclosure of data at rest unless otherwise protected by alternative physical measures. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-030211 - The Red Hat Enterprise Linux operating system must label all off-loaded audit logs before sending them to the central log server. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | AUDIT AND ACCOUNTABILITY |
