| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmod | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobe | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobe | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.1.6 Ensure mounting of squashfs filesystems is disabled - lsmod | CIS Debian Family Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.6 Ensure mounting of squashfs filesystems is disabled - modprobe | CIS Debian Family Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers account | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.6.3 Ensure system wide crypto policy disables sha1 hash and signature support | CIS Rocky Linux 9 v2.0.0 L1 Server | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Secure DB2 Runtime Library | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 2.1 Secure DB2 Runtime Library | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | |
| 2.1 Secure DB2 Runtime Library | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| 2.1 Secure DB2 Runtime Library | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 2.6 Ensure aufs storage driver is not used | CIS Docker v1.7.0 L1 Docker - Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
| 3.1.14 Set maximum connection limits - 'maxappls <= 99' | CIS IBM DB2 OS L2 v1.2.0 | Unix | ACCESS CONTROL |
| 3.2.11 Establish retention set size for backups - 'num_db_backups <= 100' | CIS IBM DB2 OS L2 v1.2.0 | Unix | CONTINGENCY PLANNING, SYSTEM AND INFORMATION INTEGRITY |
| 3.5.1.1 Ensure firewalld is installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.4 Defend against Denial of Service Attacks | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | |
| 5.20 Do not share the host's UTS namespace | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 9.6 Secure the permission of the IBMLDAPSecurity.ini file | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| 9.6 Secure the permission of the IBMLDAPSecurity.ini file | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 9.6 Secure the permission of the IBMLDAPSecurity.ini file | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 9.6 Secure the permission of the IBMLDAPSecurity.ini file | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | |
| APPL-14-001150 The macOS system must disable password authentication for SSH. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-15-001150 - The macOS system must disable password authentication for SSH. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| AS24-W2-000010 - The Apache web server must limit the number of allowed simultaneous session requests. | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | ACCESS CONTROL |
| DTAVSEL-002 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive automatic updates. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ESXI-70-000084 - The ESXi host must enable audit logging. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| Excel 2 worksheets | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Excel 2 worksheets | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Excel 2 worksheets | MSCT M365 Apps for enterprise 2412 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Excel 2 worksheets | Microsoft 365 Apps for Enterprise 2306 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Excel 2 worksheets | MSCT Office 2016 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Excel 2 worksheets | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| FFOX-00-000024 - Firefox cryptomining protection must be enabled. | DISA STIG Mozilla Firefox Windows v6r6 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000027 - Firefox deprecated ciphers must be disabled. | DISA STIG Mozilla Firefox Windows v6r6 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000028 - Firefox must not recommend extensions as the user is using the browser. | DISA STIG Mozilla Firefox Windows v6r6 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000033 - Firefox must be configured so that DNS over HTTPS is disabled. | DISA STIG Mozilla Firefox Windows v6r6 | Windows | CONFIGURATION MANAGEMENT |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r3 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000144 - The Palo Alto Networks security platform must generate an audit log record when the Data Plane CPU utilization is 100%. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | CONFIGURATION MANAGEMENT |
| PGS9-00-007000 - PostgreSQL, when utilizing PKI-based authentication, must validate certificates by performing RFC 5280-compliant certification path validation. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-020670 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories contained in local interactive user home directories are group-owned by a group of which the home directory owner is a member. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-030340 - The Red Hat Enterprise Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) via email when the threshold for the repository maximum audit record storage capacity is reached. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-030350 - The Red Hat Enterprise Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when the threshold for the repository maximum audit record storage capacity is reached. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLU-70-000019 - Lookup Service must limit the number of allowed connections. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCST-67-000019 - The Security Token Service must limit the number of allowed connections. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCST-70-000019 - The Security Token Service must limit the number of allowed connections. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WINER-000012 - The maximum number of error reports to archive on a system must be configured to 100 or greater. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN10-CC-000206 - Windows Update must not obtain updates from other PCs on the internet. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
