| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 11 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Installation of Community Packages | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.2 RedHat bind-chroot Rpm '/var/named/chroot/var/log' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 2.3.2 RedHat bind-chroot Rpm 'bind-chroot' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 2.3.2 RedHat bind-chroot Rpm 'bind-libs' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 2.3.2 RedHat bind-chroot Rpm 'bind-utils' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 2.3.2 RedHat bind-chroot Rpm 'bind' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 2.3.2 RedHat bind-chroot Rpm 'ROOTDIR' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.2 RedHat bind-chroot Rpm 'syslog' | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 2.19 Set 'Require client MAPI encryption' to 'True' | CIS Microsoft Exchange Server 2013 CAS v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.19 Set 'Require client MAPI encryption' to 'True' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1.1 Create baseline of executables that elevate to a different GUID (Not scored) | CIS IBM AIX 7.2 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 7 - File system permissions of log files | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| Adtran : Disable WEP security mode | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : Enable security mode on virtual access point (VAP) | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x reauthentication | DISA STIG Arista MLS DCS-7000 Series L2S v1r2 | Arista | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000120 - JBoss must be configured to produce log records that establish which hosted application triggered the events. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000125 - JBoss must be configured to record the IP address and port information used by management interface network traffic. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000135 - JBoss ROOT logger must be configured to utilize the appropriate logging level. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000170 - File permissions must be configured to protect log information from unauthorized modification. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000175 - File permissions must be configured to protect log information from unauthorized deletion. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000210 - mgmt-users.properties file permissions must be set to allow access to authorized users only. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000225 - Google Analytics must be disabled in EAP Console. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000260 - The JBoss Server must be configured to utilize a centralized authentication mechanism such as AD or LDAP. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000290 - JBoss management Interfaces must be integrated with a centralized authentication mechanism that is configured to manage accounts according to DoD policy. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000300 - JBoss KeyStore and Truststore passwords must not be stored in clear text. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000310 - JBoss must utilize encryption when using LDAP for authentication. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000320 - The JBoss server must be configured to restrict access to the web servers private key to authenticated system administrators - directory | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000320 - The JBoss server must be configured to restrict access to the web servers private key to authenticated system administrators - keystore file | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000425 - Access to JBoss log files must be restricted to authorized users. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JBOS-AS-000470 - Network access to HTTP management must be disabled on domain-enabled application servers not designated as the domain controller. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
| JBOS-AS-000480 - The JBoss server must be configured to log all admin activity. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | ACCESS CONTROL |
| JBOS-AS-000505 - The JBoss server must be configured to utilize syslog logging. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000545 - Production JBoss servers must not allow automatic application deployment. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000625 - JBoss must be configured to use DoD PKI-established certificate authorities for verification of the establishment of protected sessions. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000680 - Production JBoss servers must be supported by the vendor. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JBOS-AS-000685 - The JRE installed on the JBoss server must be kept up to date. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JBOS-AS-000690 - JBoss must be configured to generate log records when successful/unsuccessful attempts to modify privileges occur. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000705 - JBoss must be configured to generate log records for privileged activities. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000715 - JBoss must be configured to generate log records when concurrent logons from different workstations occur to the application server management interface. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000720 - JBoss must be configured to generate log records for all account creations, modifications, disabling, and termination events. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000730 - The JBoss server must be configured to use DoD- or CNSS-approved PKI Class 3 or Class 4 certificates. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000735 - JBoss servers must be configured to roll over and transfer logs on a minimum weekly basis. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| JBoss is installed | TNS Best Practice JBoss 7 Linux | Unix | |
| TNS_Best_Practice_RedHat_JBoss_v7_Linux.audit from TNS Best Practice JBoss 7 Linux | TNS Best Practice JBoss 7 Linux | Unix | |
| VMWare vCenter and vSphere 5.x Hardening Guide | VMWare vSphere 5.X Hardening Guide | VMware | |
| WN12-00-000220 - Windows PowerShell 2.0 must not be installed on Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000220 - Windows PowerShell 2.0 must not be installed on Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000410 - Windows Server 2019 must not have Windows PowerShell 2.0 installed. | DISA Windows Server 2019 STIG v2r8 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000410 - Windows Server 2022 must not have Windows PowerShell 2.0 installed. | DISA Windows Server 2022 STIG v1r4 | Windows | CONFIGURATION MANAGEMENT |
