| 1.1.2 Ensure 'Enable Log on High DP Load' is enabled | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 1.1.2.3 Set 'Audit Policy: Logon-Logoff: IPsec Quick Mode' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.5 Set 'Audit Policy: DS Access: Directory Service Access' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.14 Set 'Audit Policy: Logon-Logoff: Network Policy Server' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.15 Set 'Audit Policy: Detailed Tracking: DPAPI Activity' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.19 Set 'Audit Policy: Object Access: Registry' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.21 Set 'Audit Policy: Policy Change: Filtering Platform Policy Change' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.22 Set 'Audit Policy: Object Access: Central Access Policy Staging' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.24 Set 'Audit Policy: Account Logon: Kerberos Authentication Service' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.29 Set 'Audit Policy: Policy Change: Other Policy Change Events' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.33 Set 'Audit Policy: Object Access: File Share' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.37 Set 'Audit Policy: DS Access: Directory Service Replication' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.38 Set 'Audit Policy: Object Access: Filtering Platform Packet Drop' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.47 Set 'Audit Policy: Logon-Logoff: IPsec Main Mode' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.3.2.4 Configure 'Audit: Audit the access of global system objects' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.2 Enable Stack Protection - set noexec_user_stack_log = 1 | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.4 Enable remote logging for Desktops on trusted networks | CIS Apple OSX 10.10 Yosemite L2 v1.2.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_ACCEPT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable Auditing of Incoming Network Connections - AUE_SOCKACCEPT : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2 Enable stack protection - Check if 'noexec_user_stack_log' is set to 1 in /etc/system (Solaris 2.6 or later) | CIS Solaris 9 v1.3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_ACLSET : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_ACLSET : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_LCHOWN : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Debug Level Daemon Logging - Check if daemon.debug is set to /var/log/connlog | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_CHROOT : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_PFEXEC : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETEUID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETGID : cis | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREGID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETREUID : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active non-attributable flags = lo | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile (active) | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - audit_binfile attributes: p_minfree=1; | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - userattr audit_flags root | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - var/audit/*.not_terminated.* | CIS Solaris 11.1 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.8 Enable System Accounting - Check if contents of /var/spool/cron/crontabs/sys (/usr/lib/sa/sa1)are OK. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.9 Enable Kernel Level Auditing, Check if 'flags:lo,ad,cc' is set in /etc/security/audit_control. | CIS Solaris 10 L1 v5.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1 Turn on inetd tracing, Check if 'ENABLE_CONNECTION_LOGGING' is set to YES in /etc/default/inetd. | CIS Solaris 9 v1.3 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Ensure that audit filters are configured properly | CIS MongoDB L1 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.4 Ensure that new entries are appended to the end of the log file | CIS MongoDB L2 Windows Audit v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 5.8 Enable 'DROP PROFILE' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.15 Enable 'GRANT ANY OBJECT PRIVILEGE' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.19 Enable 'PROCEDURE' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 8.1.8 Collect Login and Logout Events - /var/log/lastlog | CIS Debian Linux 7 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 17.6.2 Ensure 'Audit File Share' is set to 'Success and Failure' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.3 Ensure 'Audit Authorization Policy Change' is set to include 'Success' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.3 Ensure 'Audit Security State Change' is set to include 'Success' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 20.13 Ensure 'Audit records must be backed up to a different system or media than the system being audited' | CIS Microsoft Windows Server 2022 STIG v1.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
