| 1.1 Ensure packages are obtained from authorized repositories | CONFIGURATION MANAGEMENT |
| 1.2 Ensure Installation of Binary Packages | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Installation of Community Packages | SYSTEM AND INFORMATION INTEGRITY |
| 1.4 Ensure Service Runlevel Is Registered And Set Correctly | SYSTEM AND SERVICES ACQUISITION |
| 2.1 Ensure the file permissions mask is correct | ACCESS CONTROL |
| 2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/group | ACCESS CONTROL |
| 2.2 Ensure the PostgreSQL pg_wheel group membership is correct - /etc/passwd | ACCESS CONTROL |
| 4.1 Ensure sudo is configured correctly | ACCESS CONTROL |
| 4.2 Ensure excessive administrative privileges are revoked | ACCESS CONTROL |
| 5.1 Ensure login via 'local' UNIX Domain Socket is configured correctly | IDENTIFICATION AND AUTHENTICATION |
| 5.2 Ensure login via 'host' TCP/IP Socket is configured correctly | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabled | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - openssl version | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure WAL archiving is configured and functional - archive_command | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.4 Ensure WAL archiving is configured and functional - archive_mode | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.3 Ensure the backup and restore tool, 'pgBackRest', is installed and configured | CONTINGENCY PLANNING |
| CIS_PostgreSQL_9.6_v1.0.0_L1_OS_Linux.audit from CIS Benchmark for PostgreSQL 9.6 | |
