| 1.1.18 Disable Mounting of cramfs Filesystems '/etc/modprobe.d/CIS - install cramfs /bin/true' | CONFIGURATION MANAGEMENT |
| 1.1.19 Disable Mounting of freevxfs Filesystems '/etc/modprobe.d/CIS - install freevxfs /bin/true' | CONFIGURATION MANAGEMENT |
| 1.1.20 Disable Mounting of jffs2 Filesystems '/etc/modprobe.d/CIS - install jffs2 /bin/true' | CONFIGURATION MANAGEMENT |
| 1.1.21 Disable Mounting of hfs Filesystems '/etc/modprobe.d/CIS - install hfs /bin/true' | CONFIGURATION MANAGEMENT |
| 1.1.22 Disable Mounting of hfsplus Filesystems '/etc/modprobe.d/CIS - install hfsplus /bin/true' | CONFIGURATION MANAGEMENT |
| 1.1.23 Disable Mounting of squashfs Filesystems '/etc/modprobe.d/CIS - install squashfs /bin/true' | CONFIGURATION MANAGEMENT |
| 1.2.4 Disable the rhnsd Daemon | CONFIGURATION MANAGEMENT |
| 1.2.5 Disable yum-updatesd | CONFIGURATION MANAGEMENT |
| 1.3.1 Install AIDE | CONFIGURATION MANAGEMENT |
| 1.3.2 Implement Periodic Execution of File Integrity '/var/spool/cron/root - 0 5 * * * /usr/sbin/aide --check' | SYSTEM AND INFORMATION INTEGRITY |
| 1.4.1 Enable SELinux in /etc/grub.conf 'enforcing != 0' | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.4.1 Enable SELinux in /etc/grub.conf 'selinux != 0' | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.4.2 Set the SELinux State 'SELINUX=enforcing' | ACCESS CONTROL |
| 1.4.3 Set the SELinux Policy 'SELINUXTYPE=targeted' | ACCESS CONTROL |
| 1.4.4 Remove SETroubleshoot | CONFIGURATION MANAGEMENT |
| 1.4.4 Remove SETroubleshoot 'rpm' | CONFIGURATION MANAGEMENT |
| 1.4.5 Disable MCS Translation Service (mcstrans) | CONFIGURATION MANAGEMENT |
| 1.4.6 Check for Unconfined Daemons | ACCESS CONTROL |
| 2.1.11 Remove xinetd | CONFIGURATION MANAGEMENT |
| 4.2.3 Disable Secure ICMP Redirect Acceptance 'net.ipv4.conf.all.secure_redirects = 0' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.3 Disable Secure ICMP Redirect Acceptance 'net.ipv4.conf.default.secure_redirects = 0' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.7 Enable RFC-recommended Source Route Validation 'net.ipv4.conf.all.rp_filter = 1' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2.7 Enable RFC-recommended Source Route Validation 'net.ipv4.conf.default.rp_filter = 1' | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.1.1/5.3.3 Configure Audit Log Storage Size 'max_log_file = MB' | AUDIT AND ACCOUNTABILITY |
| 5.3.1.2/5.3.4 Disable System on Audit Log Full 'action_mail_acct = email' | AUDIT AND ACCOUNTABILITY |
| 5.3.1.2/5.3.4 Disable System on Audit Log Full 'admin_space_left_action = email' | AUDIT AND ACCOUNTABILITY |
| 5.3.1.2/5.3.4 Disable System on Audit Log Full 'space_left_action = email' | AUDIT AND ACCOUNTABILITY |
| 5.3.1.3/5.3.5 Keep All Auditing Information 'max_log_file_action = keep_logs' | AUDIT AND ACCOUNTABILITY |
| 5.3.2 Enable auditd Service | AUDIT AND ACCOUNTABILITY |
| 5.3.6 Enable Auditing for Processes That Start Prior to auditd 'kernel .* audit = 1' | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| 5.3.7 Record Events That Modify Date and Time Information 'adjtimex' | AUDIT AND ACCOUNTABILITY |
| 5.3.7 Record Events That Modify Date and Time Information 'clock_settime' | AUDIT AND ACCOUNTABILITY |
| 5.3.7 Record Events That Modify Date and Time Information 'time-change' | AUDIT AND ACCOUNTABILITY |
| 5.3.8 Record Events That Modify User/Group Information '/etc/group' | AUDIT AND ACCOUNTABILITY |
| 5.3.8 Record Events That Modify User/Group Information '/etc/gshadow' | AUDIT AND ACCOUNTABILITY |
| 5.3.8 Record Events That Modify User/Group Information '/etc/passwd' | AUDIT AND ACCOUNTABILITY |
| 5.3.8 Record Events That Modify User/Group Information '/etc/security/opasswd' | AUDIT AND ACCOUNTABILITY |
| 5.3.8 Record Events That Modify User/Group Information '/etc/shadow' | AUDIT AND ACCOUNTABILITY |
| 5.3.9 Record Events That Modify the System's Network Environment '/etc/hosts' | AUDIT AND ACCOUNTABILITY |
| 5.3.9 Record Events That Modify the System's Network Environment '/etc/issue.net' | AUDIT AND ACCOUNTABILITY |
| 5.3.9 Record Events That Modify the System's Network Environment '/etc/issue' | AUDIT AND ACCOUNTABILITY |
| 5.3.9 Record Events That Modify the System's Network Environment '/etc/sysconfig/network' | AUDIT AND ACCOUNTABILITY |
| 5.3.9 Record Events That Modify the System's Network Environment 'arch=b32 -S sethostname' | AUDIT AND ACCOUNTABILITY |
| 5.3.10 Record Events That Modify the System's Mandatory Access Controls '/etc/selinux/' | AUDIT AND ACCOUNTABILITY |
| 5.3.11 Collect Login and Logout Events '/var/log/btmp' | AUDIT AND ACCOUNTABILITY |
| 5.3.11 Collect Login and Logout Events '/var/log/faillog' | AUDIT AND ACCOUNTABILITY |
| 5.3.11 Collect Login and Logout Events '/var/log/lastlog' | AUDIT AND ACCOUNTABILITY |
| 5.3.11 Collect Login and Logout Events '/var/log/tallylog' | AUDIT AND ACCOUNTABILITY |
| 5.3.12 Collect Session Initiation Information '/var/log/wtmp' | AUDIT AND ACCOUNTABILITY |
| 5.3.12 Collect Session Initiation Information '/var/run/utmp' | AUDIT AND ACCOUNTABILITY |
