| 1.1.28 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate - cert | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.29 Ensure that the --client-ca-file argument is set as appropriate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.1.31 Ensure that the --etcd-cafile argument is set as appropriate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.3.5 Ensure that the --root-ca-file argument is set as appropriate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.1 Ensure that the --cert-file and --key-file arguments are set as appropriate - cert | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.1 Ensure that the --cert-file and --key-file arguments are set as appropriate - key | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.5.4 Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriate - key | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.3 Ensure that the --client-ca-file argument is set as appropriate | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC' | CIS Oracle Server 12c Windows v3.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.10 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate - cert | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.10 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate - key | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1.13 Ensure that the RotateKubeletServerCertificate argument is set to true | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Use Unique Keys for Each Pair of Hosts - unique keys | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Use Unique Keys for Each Pair of Hosts - unique keys | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Use Unique Keys for Each Pair of Hosts - unique secret | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.5 Protect TSIG Key Files During Deployment | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 Ensure login via 'host' TCP/IP Socket is configured correctly | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 Ensure login via "host" TCP/IP Socket is configured correctly | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabled | CIS PostgreSQL 13 OS v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.8 Ensure SSL is enabled and configured correctly | CIS PostgreSQL 11 DB v1.0.0 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.8 Ensure SSL is enabled and configured correctly | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure 'Symmetric Key encryption algorithm' is set to 'AES_128' or higher in non-system databases | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure mod_ssl and/or mod_nss Is Installed | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure SSL Certificates are Configured For Replication - ssl cert file | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure a Valid Trusted Certificate Is Installed | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure a Valid Trusted Certificate Is Installed | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases | CIS SQL Server 2008 R2 DB Engine L1 v1.7.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases - greater than or equal to 2048 in non-system databases | CIS SQL Server 2014 Database L1 DB v1.5.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Asymmetric Key Size is set to 'greater than or equal to 2048' in non-system databases - greater than or equal to 2048 in non-system databases | CIS SQL Server 2014 Database L1 AWS RDS v1.5.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Asymmetric Key Size is set to' greater than or equal to 2048' in non-system databases | CIS SQL Server 2012 Database L1 DB v1.6.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure Asymmetric Key Size is set to' greater than or equal to 2048' in non-system databases | CIS SQL Server 2012 Database L1 AWS RDS v1.6.0 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.3 Ensure WAL archiving is configured and functional - archive_mode | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure streaming replication parameters are configured correctly | CIS PostgreSQL 10 DB v1.0.0 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure WAL archiving is configured and functional- archive_command | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure Weak SSL Protocols Are Disabled - 'SSLv2 or SSLv3' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure Weak SSL Protocols Are Disabled - 'TLSv1' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure Weak SSL Protocols Are Disabled - 'TLSv1' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure streaming replication parameters are configured correctly | CIS PostgreSQL 9.5 DB v1.1.0 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'Global SSLCipherSuite' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'VirtualHost SSLCipherSuite' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'VirtualHost SSLCipherSuite' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'VirtualHost SSLHonorCipherOrder = On' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.5 Ensure Weak SSL/TLS Ciphers Are Disabled - 'VirtualHost SSLHonorCipherOrder = On' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.6 Ensure Insecure SSL Renegotiation Is Not Enabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.7 Ensure SSL Compression is Not Enabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.8 Ensure Medium Strength SSL/TLS Ciphers Are Disabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.9 Ensure All Web Content is Accessed via HTTPS | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.9 Ensure All Web Content is Accessed via HTTPS | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.10 Ensure the TLSv1.0 and TLSv1.1 Protocols are Disabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
