| 1.6.1.2 Ensure the SELinux state is enforcing - sestatus | CIS Debian 8 Workstation L2 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.2.3 Ensure syslog-ng default file permissions configured | CIS Debian 8 Workstation L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure permissions on /etc/cron.weekly are configured | CIS Debian 8 Workstation L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.8 Ensure users' home directories permissions are 750 or more restrictive | CIS Debian 8 Workstation L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.13 Ensure users' .netrc Files are not group or world accessible | CIS Debian 8 Server L1 v2.0.2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.3 Ensure all groups in /etc/passwd exist in /etc/group | CIS Debian Linux 12 v1.0.1 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.3 Ensure all groups in /etc/passwd exist in /etc/group | CIS Debian Linux 12 v1.0.1 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.3 Ensure all groups in /etc/passwd exist in /etc/group | CIS AlmaLinux OS 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.3 Ensure all groups in /etc/passwd exist in /etc/group | CIS Ubuntu Linux 22.04 LTS v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| GEN000253 - The time synchronization configuration file (such as /etc/ntp.conf) must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN000280 - Direct logins must not be permitted to shared, default, application, or utility accounts - '/etc/security/user rlogin=false' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN000930 - The root account's home directory must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN000930 - The root account's home directory must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001210 - All system command files must not have extended ACLs - '/usr/bin/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/info/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001310 - All library files must not have extended ACLs - '/lib/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001369 - The /etc/hosts file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001490 - User home directories must not have extended ACLs. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/bashrc' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/csh.login' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/ksh.kshrc' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/security/.profile' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.bash_profile' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.exrc' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.profile' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN002330 - Audio devices must not have extended ACLs - '/dev/audio*' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN002330 - Audio devices must not have extended ACLs - '/dev/snd/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN002560 - The system and user default umask must be 077 - '/etc/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN002640 - Default system accounts must be disabled or removed - 'bin' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/aureport' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditselect' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN002990 - The cron.allow file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN002990 - The cron.allow file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003090 - Crontab files must not have extended ACLs - '/etc/cron.daily' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003090 - Crontab files must not have extended ACLs - '/var/spool/cron' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/etc/cron.d' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/etc/cron.weekly' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron' - no acls enabled | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003210 - The cron.deny file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003210 - The cron.deny file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003245 - The at.allow file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003745 - The inetd.conf and xinetd.conf files must not have extended ACLs - 'xinetd.conf' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003790 - The services file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003950 - The printers.conf file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN004390 - The alias file must not have an extended ACL - '/etc/postfix/aliases.db' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN004510 - The SMTP service log file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN004950 - The ftpusers file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN005040 - All FTP users must have a default umask of 077. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN005375 - The snmpd.conf file must not have an extended ACL - '/etc/snmpd.conf' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN006330 - The /etc/news/passwd.nntp file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
