| 1.1.17 Ensure noexec option set on /dev/shm partition | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.20 Ensure noexec option set on removable media partitions | CIS SUSE Linux Enterprise Workstation 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.20 Ensure that IAM Access analyzer is enabled for all regions | CIS Amazon Web Services Foundations L1 3.0.0 | amazon_aws | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.3.41 Ensure the audit configuration is immutable | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.3 Ensure all groups in /etc/passwd exist in /etc/group | CIS Rocky Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.2.3 Ensure all groups in /etc/passwd exist in /etc/group | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - '/etc/profile umask < 022' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| GEN000020 - The system must require authentication upon booting into single-user and maintenance modes. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000253 - The time synchronization configuration file (such as /etc/ntp.conf) must not have an extended ACL. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN000290-4 - The system must not have the unnecessary ftp account - ftp account. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN001210 - All system command files must not have extended ACLs - '/bin/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001210 - All system command files must not have extended ACLs - '/etc/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001210 - All system command files must not have extended ACLs - '/usr/lbin' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN001210 - All system command files must not have extended ACLs - '/usr/ucb/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001310 - All library files must not have extended ACLs - '/lib/*' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001361 - NIS/NIS+/yp command files must not have extended ACLs. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001365 - The /etc/resolv.conf file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001394 - The /etc/group file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001394 - The /etc/group file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001394 - The /etc/group file must not have an extended ACL. | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN001430 - The /etc/security/passwd file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001430 - The /etc/shadow (or equivalent) file must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001490 - User home directories must not have extended ACLs. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/init.d' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/init.d' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/rc.d/*' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/bashrc' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/environment' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/environment' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/ksh.kshrc' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN001810 - Skeleton files must not have extended ACLs. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.cshrc' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.emacs' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN001890 - Local initialization files must not have extended ACLs - '.env' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN002330 - Audio devices must not have extended ACLs - '/dev/audio*' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN002640 - Default system accounts must be disabled or removed - 'daemon' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN002640 - Default system accounts must be disabled or removed - 'nuucp' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN002640 - Default system accounts must be disabled or removed - 'uucp' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/autrace' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditbin' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditconv' | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003090 - Crontab files must not have extended ACLs - '/etc/cron.weekly' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/etc/cron.hourly' | DISA STIG for Oracle Linux 5 v1r14 | Unix | ACCESS CONTROL |
| GEN003110 - Cron and crontab directories must not have extended ACLs - '/var/spool/cron' - acls disabled | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN003523 - The kernel core dump data directory must not have an extended ACL. | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN003950 - The hosts.lpd (or equivalent) file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN004950 - The ftpusers file must not have an extended ACL - '/etc/ftpusers' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN005395 - The /etc/syslog.conf file must not have an extended ACL. | DISA STIG AIX 6.1 v1r13 | Unix | ACCESS CONTROL |
| GEN008360 - If using LDAP for auth or acct info, the LDAP TLS key file must not have an extended ACL - '/etc/openldap/cacerts/key.pem' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | ACCESS CONTROL |
| GEN008620 - System BIOS or system controllers supporting password protection must have administrator accounts/passwords configured. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
