| 1.1 Install the latest fix packs | SYSTEM AND INFORMATION INTEGRITY |
| 1.2 Use IP address rather than hostname | CONFIGURATION MANAGEMENT |
| 1.4 Use non-default account names | ACCESS CONTROL |
| 2.1 Secure the DB2 Runtime Library | |
| 2.2 Secure the database container directory | |
| 2.3 Set umask value for DB2 admin user .profile file | ACCESS CONTROL |
| 3.1.2 Encrypt user data across the network | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.6 Secure permissions for default database file path | AUDIT AND ACCOUNTABILITY |
| 3.1.8 Secure all diagnostic logs | AUDIT AND ACCOUNTABILITY |
| 3.2.4 Secure permissions for the primary archive log location | AUDIT AND ACCOUNTABILITY |
| 3.2.5 Secure permissions for the secondary archive log location | AUDIT AND ACCOUNTABILITY |
| 3.2.6 Secure permissions for the tertiary archive log location | AUDIT AND ACCOUNTABILITY |
| 3.2.7 Secure permissions for the log mirror location | AUDIT AND ACCOUNTABILITY |
| 3.3.1 Establish DAS administrative group | ACCESS CONTROL |
| 7.3 Establish a system maintenance group | ACCESS CONTROL |
| 7.4 Establish a system monitoring group | ACCESS CONTROL |
| 8.1 Restrict access to starting and stopping DB2 instances | ACCESS CONTROL |
| 8.5 Remove default databases | CONFIGURATION MANAGEMENT |
| 8.6 Enable SSL communication with LDAP server | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.7 Secure the permissions of the IBMLDAPSecurity.ini file | |
| 8.8 Secure the permissions of the SSLconfig.ini file | |
| 10.1 Restrict access to the DB2 Control Center | ACCESS CONTROL |
| 10.2 Restrict access to the DB2 Configuration Assistant utility | ACCESS CONTROL |
| 10.3 Restrict access to the DB2 Health Monitor utility | ACCESS CONTROL |
| 10.4 Restrict access to the DB2 Activity Monitor utility | ACCESS CONTROL |
| CIS_IBM_DB2_9_Benchmark_v3.0.1_Level_1_OS_Linux.audit from CIS IBM DB2 9 Benchmark v3.0.1 | |
