| 2.1 EFS - implementation | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Ensure system Microcode Discovery Service (MDS) is performed regularly | CIS IBM AIX 7 v1.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.2.2 aixmibd | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.3.3 ndpd-router | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.4.2 NFS - enable both nosuid and nodev options on NFS client mounts - nodev | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.5.3 comsat | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5.4 daytime | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5.7 exec | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5.12 klogin | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5.13 kshell | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5.18 pop3 | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5.20 rquotad | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5.22 rusersd | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5.25 sprayd | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.5.29 tftp | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.5 CDE - sgid/suid binary lockdown - /usr/dt/bin/dtaction | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.7 CDE - screensaver lock - dtsession*saverTimeout | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL |
| 3.2.8 CDE - login screen hostname masking - dtlogin.greeting.labelString | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL |
| 3.2.10 CDE - /etc/dt/config/Xservers permissions and ownership - permissions and ownership | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.3.2 clean_partial_conns | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.3.8 ipsrcrouteforward | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.10 ipsrcroutesend | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.16 tcp_tcpsecure | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3.17 udp_pmtu_discover | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4.3 loginretries | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL |
| 3.4.4 herald (logon message) - logon message | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL |
| 3.6.1.1 OpenSSH - Installation | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 3.6.1.3 OpenSSH - Banner - banner path | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL |
| 3.6.1.5 Ensure SSH PermitEmptyPasswords is disabled | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 3.6.1.9 Configuring SSH - set LogLevel to INFO or VERBOSE | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.6.1.10 OpenSSH - configure sftp-server | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7.1.2 Home directory must deny write to all except owner | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7.1.7 /var/adm/sa | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7.1.8 /var/spool/cron/crontabs | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7.2.7 /etc/passwd | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7.2.9 /etc/ssh/sshd_config | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8.1 TE - implementation - CHKEXEC | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.8.1 TE - implementation - CHKSCRIPT | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.8.1 TE - implementation - STOP_ON_CHKFAIL | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.8.1 TE - implementation - TE | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.8.1 TE - implementation - TEP | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.10 Disable core dumps - lssec | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | ACCESS CONTROL |
| 3.12 Remove current working directory from root's PATH | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.3.3.3 Ensure ndpd-router is not in use | CIS IBM AIX 7 v1.1.0 L1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 5.1.1 Privilege escalation: enhanced RBAC | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| CIS AIX 5.3 and 6.1 v1.1.0 Level 1 | CIS AIX 5.3/6.1 L1 v1.1.0 | Unix | |
| CIS AIX 5.3 and 6.1 v1.1.0 Level 2 | CIS AIX 5.3/6.1 L2 v1.1.0 | Unix | |
| CIS Docker Community Edition v1.1.0 L1 Docker | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | |
| CIS_IBM_AIX_7_v1.1.0_L1.audit from CIS IBM AIX 7 Benchmark v1.1.0 | CIS IBM AIX 7 v1.1.0 L1 | Unix | |
| CIS_IBM_AIX_7_v1.1.0_L2.audit from CIS IBM AIX 7 Benchmark v1.1.0 | CIS IBM AIX 7 v1.1.0 L2 | Unix | |
