| 1.6.1.3 Ensure SELinux policy is configured | CIS Debian 8 Server L2 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.008 - Local volumes are not formatted using NTFS. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 4.1.3.41 Ensure the audit configuration is immutable | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.17 Ensure the audit configuration is immutable | CIS SUSE Linux Enterprise 12 v3.1.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.18 Ensure the audit configuration is immutable | CIS SUSE Linux Enterprise Workstation 11 L2 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.2 Ensure permissions on /etc/crontab are configured | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.4 Ensure permissions on /etc/cron.daily are configured | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.6 Ensure permissions on /etc/cron.monthly are configured | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.8 Ensure at/cron is restricted to authorized users - at.deny | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.5.5 Ensure default user umask is configured - system wide default | CIS Red Hat 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.5.5 Ensure default user umask is configured - system wide umask | CIS Red Hat 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.3 Ensure permissions on /etc/shadow are configured | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.7 Ensure permissions on /etc/shadow- are configured | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.9 Ensure permissions on /etc/gshadow- are configured | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.10 Ensure users' dot files are not group or world writable | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| DTOO200 - Office must be configured to not allow read with browsers. | DISA STIG Microsoft Office System 2013 v1r9 | Windows | ACCESS CONTROL |
| DTOO208 - Office System - Office client polling of Sharepoint servers published links must be disabled. | DISA STIG Office System 2010 v1r13 | Windows | ACCESS CONTROL |
| GEN000290 - The system must not have unnecessary accounts - 'games does not exsit' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN000290 - The system must not have unnecessary accounts - 'gopher does not exsit' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001210 - All system command files must not have extended ACLs - '/usr/lbin/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/man/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001310 - All library files must not have extended ACLs - '/usr/lib/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/init.d' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/.login' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/profile' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/security/environ' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001810 - Skeleton files must not have extended ACLs - '/etc/security/mkuser.sys' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.login' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN002560 - The system and user default umask must be 077 - '/etc/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditpr' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003090 - Crontab files must not have extended ACLs. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/etc/crontab' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003190 - The cron log files must not have extended ACLs. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.daily/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.hourly/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003410 - The at directory must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003755 - The xinetd.d directory must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN004010 - The traceroute file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN004510 - The SMTP service log file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN004820 - Anonymous FTP must not be active on the system unless authorized. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN004950 - The ftpusers file must not have an extended ACL - '/etc/vsftpd/ftpusers' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN005190 - The .Xauthority files must not have extended ACLs. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN005350 - Management Information Base (MIB) files must not have extended ACLs. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN005375 - The snmpd.conf file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN006150 - The /etc/samba/smb.conf file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN006310 - The /etc/news/nnrp.access file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN006330 - The /etc/news/passwd.nntp file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN008120 - If the system is using LDAP the /etc/ldap.conf file must not have an extended ACL | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
