| 1.1.3 Ensure 'Enable Log on High DP Load' is enabled | CIS Palo Alto Firewall 10 v1.3.0 L1 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_CONNECTIONS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAX_COORDAGENTS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.11 Set maximum connection limits - MAXAPPLS | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 5.1 Do not disable AppArmor | CIS Docker 1.12.0 v1.0.0 L2 Docker | Unix | ACCESS CONTROL |
| 5.1 Verify AppArmor | CIS Docker 1.11.0 v1.0.0 L2 Docker | Unix | ACCESS CONTROL |
| 5.2.21 Ensure SSH MaxStartups is configured | CIS Debian Family Workstation L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.21 Ensure SSH MaxStartups is configured | CIS Debian Family Server L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.4.2 Ensure system accounts are non-login | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Ensure MaxKeepAliveRequests Is Set Properly | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Ensure MaxKeepAliveRequests Is Set Properly | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.3 Ensure MaxKeepAliveRequests Is Set Properly | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 10.2 Ensure the LimitRequestFields Directive is Set to 100 or Less but not 0 | CIS Apache HTTP Server 2.4 v2.3.0 L2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| EX13-MB-000325 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000630 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OS10-L2S-000170 - The Dell OS10 Switch must have IGMP or MLD Snooping configured on all VLANs | DISA Dell OS10 Switch Layer 2 Switch STIG v1r1 | Dell_OS10 | CONFIGURATION MANAGEMENT |
| OS10-RTR-000140 - The Dell OS10 multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled. | DISA Dell OS10 Switch Router STIG v1r1 | Dell_OS10 | ACCESS CONTROL |
| RHEL-07-010020 - The Red Hat Enterprise Linux operating system must be configured so that the cryptographic hash of system files and commands matches vendor values. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010062 - The Red Hat Enterprise Linux operating system must prevent a user from overriding the screensaver lock-enabled setting for the graphical user interface. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010081 - The Red Hat Enterprise Linux operating system must prevent a user from overriding the screensaver lock-delay setting for the graphical user interface. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010082 - The Red Hat Enterprise Linux operating system must prevent a user from overriding the session idle-delay setting for the graphical user interface. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010100 - The Red Hat Enterprise Linux operating system must initiate a session lock for the screensaver after a period of inactivity for graphical user interfaces. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010101 - The Red Hat Enterprise Linux operating system must prevent a user from overriding the screensaver idle-activation-enabled setting for the graphical user interface. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010300 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using an empty password. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010440 - The Red Hat Enterprise Linux operating system must not allow an unattended or automatic logon to the system via a graphical user interface. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020028 - The Red Hat Enterprise Linux operating system must be configured to allow sending email notifications of configuration changes and adverse events to designated personnel. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020101 - The Red Hat Enterprise Linux operating system must be configured so that the Datagram Congestion Control Protocol (DCCP) kernel module is disabled unless required. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-020610 - The Red Hat Enterprise Linux operating system must be configured so that all local interactive user accounts, upon creation, are assigned a home directory. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020630 - The Red Hat Enterprise Linux operating system must be configured so that all local interactive user home directories have mode 0750 or less permissive. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020900 - The Red Hat Enterprise Linux operating system must be configured so that all system device files are correctly labeled to prevent unauthorized modification. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-021120 - The Red Hat Enterprise Linux operating system must be configured so that the cron.allow file, if it exists, is group-owned by root. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-030300 - The Red Hat Enterprise Linux operating system must off-load audit records onto a different system or media from the system being audited. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030872 - The Red Hat Enterprise Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| RHEL-07-030873 - The Red Hat Enterprise Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| RHEL-07-040330 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using RSA rhosts authentication. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040360 - The Red Hat Enterprise Linux operating system must display the date and time of the last successful account logon upon an SSH logon. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-040380 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon does not allow authentication using known hosts authentication. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040390 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use the SSHv2 protocol. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-040420 - The Red Hat Enterprise Linux operating system must be configured so that the SSH private host key files have mode 0640 or less permissive. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040640 - The Red Hat Enterprise Linux operating system must prevent Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040810 - The Red Hat Enterprise Linux operating system access control program must be configured to grant or deny system access to specific hosts and services. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
