| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Ensure Installation of Binary Packages | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Installation of Community Packages | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Service Runlevel Is Registered And Set Correctly | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND SERVICES ACQUISITION |
| 1.5 Ensure Data Cluster Initialized Successfully | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | ACCESS CONTROL |
| 2.1 Ensure the file permissions mask is correct | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | ACCESS CONTROL |
| 2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/group | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | ACCESS CONTROL |
| 2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/passwd | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | ACCESS CONTROL |
| 2.2.4 Ensure 'LOCAL_LISTENER' Is Set Appropriately | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | |
| 3.1.3 Ensure the logging collector is enabled | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.3 Ensure the logging collector is enabled | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 4.1 Ensure sudo is configured correctly | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | ACCESS CONTROL |
| 4.2 Ensure excessive administrative privileges are revoked | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | ACCESS CONTROL |
| 5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2 Ensure login via 'host' TCP/IP Socket is configured correctly | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabled | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl version | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure WAL archiving is configured and functional - archive_command | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure WAL archiving is configured and functional - archive_mode | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure PostgreSQL configuration files are outside the data cluster | CIS PostgreSQL 9.6 DB v1.0.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 8.1 Ensure PostgreSQL configuration files are outside the data cluster | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 8.3 Ensure the backup and restore tool, 'pgBackRest', is installed and configured | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | CONTINGENCY PLANNING |
| ACLs: Filter for RFC 3330 addresses (192.0.2.0/24) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| ACLs: Filter for RFC 3330 addresses (240.0.0.0/4) | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Authentication: local authentication is available as a last resort | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| BGP: Disable Capability Negotiation | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_PostgreSQL_9.6_v1.0.0_L1_OS_Linux.audit from CIS Benchmark for PostgreSQL 9.6 | CIS PostgreSQL 9.6 OS v1.0.0 | Unix | |
| CPM Filtering: Filter for ICMP - dest-unreachable | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for ICMP - echo request | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for ICMP - echo-reply | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for ICMP - source quench | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for ICMP - time exceeded | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for IGMP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for IGP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for L2TP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for PIM | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for RSVP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| CPM Filtering: Filter for VRRP | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - TNS Best Practices FireEye Audit | TNS FireEye | FireEye | |
| ICMP: Do not return Proxy ARP requests | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
| Logging: capture level is set to at least info | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| Logging: Use an external syslog host | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | AUDIT AND ACCOUNTABILITY |
| Password Complexity: Require a minimum length of 8 characters | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| SNMP: Use SNMPv3 only | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| Tenable_Best_Practices_Citrix_ADC_v1.0.0.audit from Tenable Best Practices | Tenable Best Practice Citrix ADC v1.0.0 | Citrix_Application_Delivery | |
| Tenable_Best_Practices_Citrix_ADM_v1.0.0.audit from Tenable Best Practices | Tenable Best Practice Citrix ADM v1.0.0 | Citrix_Application_Delivery | |
| TNS_Alcatel_Nokia_TiMOS_Best_Practices.audit from TNS Alcatel/Nokia TiMOS Best Practices | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | |
| TNS_Best_Practice_RedHat_JBoss_v7_Linux.audit from TNS Best Practice JBoss 7 Linux | TNS Best Practice JBoss 7 Linux | Unix | |
| TNS_BestPractice_Citrix_XenServer.audit from TNS Citrix XenServer Best Practices | TNS Citrix XenServer | Unix | |
| TNS_Salesforce_Best_Practices_v1.2.0.audit from TNS Salesforce Best Practices Audit v1.2.0 | TNS Salesforce Best Practices Audit v1.2.0 | Salesforce.com | |
