| 1.2.18 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes v1.11.1 L1 Master Node | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.20 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /etc/docker/daemon.json | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.7 Secure permissions for all diagnostic logs | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 3.1.7 Secure permissions for all diagnostic logs | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | |
| 3.1.7 Secure permissions for all diagnostic logs | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 3.1.7 Secure permissions for all diagnostic logs | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| 3.1.12 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes 1.8 Benchmark v1.2.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Secure permissions for the tertiary archive log location - FAILARCHPATH OS Permission | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 3.1.19 Secure permissions for the tertiary archive log location - FAILARCHPATH OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | |
| 3.1.19 Secure permissions for the tertiary archive log location - FAILARCHPATH OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| 3.1.19 Secure permissions for the tertiary archive log location - FAILARCHPATH Setting | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Secure permissions for the tertiary archive log location - FAILARCHPATH Setting | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.19 Secure permissions for the tertiary archive log location - FAILARCHPATH Setting | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.20 Secure permissions for the log mirror location - MIRROLOGPATH OS Permission | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 3.1.20 Secure permissions for the log mirror location - MIRRORLOGPATH OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 3.1.20 Secure permissions for the log mirror location - MIRRORLOGPATH Setting | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.8 Ensure the Lock File Is Secured - 'LockFile permissions' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | ACCESS CONTROL |
| 4.3 Review Users, Groups, and Roles - Groups list | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL |
| 4.3 Review Users, Groups, and Roles - Groups list | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 4.3 Review Users, Groups, and Roles - Groups list | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | ACCESS CONTROL |
| 4.3 Review Users, Groups, and Roles - Groups list | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 4.3 Review Users, Groups, and Roles - Users list | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL |
| 4.3 Review Users, Groups, and Roles - Users list | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL |
| 4.3 Review Users, Groups, and Roles - Users list | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | ACCESS CONTROL |
| 5.3.22 Ensure SSH MaxStartups is configured | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.24 Ensure SSH MaxStartups is configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | CONFIGURATION MANAGEMENT |
| 5.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | CONFIGURATION MANAGEMENT |
| 5.11 (L1) Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL NG | Windows | CONFIGURATION MANAGEMENT |
| 18.10.16.1 Ensure 'Download Mode' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 23.1 (L1) Ensure 'DO Download Mode' is NOT set to 'HTTP blended with Internet Peering' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| APPL-14-000051 The macOS system must configure SSHD ClientAliveInterval to 900. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000052 The macOS system must configure SSHD ClientAliveCountMax to 1. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000053 The macOS system must set Login Grace Time to 30. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-001100 The macOS system must disable root logon for SSH. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| APPL-15-000051 - The macOS system must configure SSHD ClientAliveInterval to 900. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000052 - The macOS system must configure SSHD ClientAliveCountMax to 1. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000053 - The macOS system must set login grace time to 30. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-001100 - The macOS system must disable root login for SSH. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ARST-RT-000070 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000070 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| JUEX-L2-000150 - The Juniper EX switch must be configured to enable Storm Control on all host-facing access interfaces. | DISA Juniper EX Series Layer 2 Switch v2r3 | Juniper | CONFIGURATION MANAGEMENT |
| RHEL-07-010030 - The Red Hat Enterprise Linux operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010140 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are assigned, the new password must contain at least one numeric character. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010150 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one special character. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-020680 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories contained in local interactive user home directories have a mode of 0750 or less permissive. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020700 - The Red Hat Enterprise Linux operating system must be configured so that all local initialization files for local interactive users are be group-owned by the users primary group or root. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020720 - The Red Hat Enterprise Linux operating system must be configured so that all local interactive user initialization files executable search paths contain only paths that resolve to the users home directory. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
