| 1.1.2.9 Set 'Audit Policy: Object Access: Detailed File Share' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.20 Set 'Audit Policy: Privilege Use: Other Privilege Use Events' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.23 Set 'Audit Policy: Policy Change: Authorization Policy Change' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.39 Set 'Audit Policy: DS Access: Detailed Directory Service Replication' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.40 Set 'Audit Policy: Object Access: Other Object Access Events' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 1.1.2.41 Set 'Audit Policy: Object Access: Filtering Platform Connection' to 'No Auditing' | CIS Windows 8 L1 v1.0.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.2 Enable security auditing | CIS Apple OSX 10.11 El Capitan L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed file attribute modification events' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.3 Configure Security Auditing Flags - 'audit successful/failed login/logout events' | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.4 Enable remote logging for Desktops on trusted networks | CIS Apple OSX 10.11 El Capitan L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.3 Enable Auditing of File Metadata Modification Events - AUE_ACLSET : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_CHROOT : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_CHROOT : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_NICE : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETGID : cis | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Enable Auditing of Process and Privilege Events - AUE_SETUID : cis | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active audit policies | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - active user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured audit policies = argv,cnt,zonename | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - configured user flags = cis,ex,aa,ua,as,ss,lo,ft | CIS Solaris 11 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.5 Configure Solaris Auditing - Plugin | CIS Solaris 11.2 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure that logging captures as much information as possible | CIS MongoDB L2 Unix Audit v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.5 Enable 'SYSTEM GRANT' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.6 Enable 'PROFILE' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.7 Enable 'ALTER PROFILE' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.10 Enable 'PUBLIC DATABASE LINK' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.20 Enable 'ALTER SYSTEM' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 5.22 Enable 'CREATE SESSION' Audit Option | CIS Oracle Server 11g R2 DB v2.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information - '64bit clock_settime' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.4 Record Events That Modify Date and Time Information- '32bit clock_settime' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - '/etc/group' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.5 Record Events That Modify User/Group Information - '/etc/passwd' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.6 Record Events That Modify the System's Network Environment- '64bit sethostname' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.7 Record Events That Modify the System's Mandatory Access Controls | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.10 Collect Discretionary Access Control Permission Modification Events- '64bit chown/fchown/fchownat/lchown' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.11 Collect Unsuccessful Unauthorized Access Attempts to Files- '32bit EACCES' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.13 Collect Successful File System Mounts - '32bit mount' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.15 Collect Changes to System Administration Scope (sudoers) | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 8.1.17 Collect Kernel Module Loading and Unloading - '/sbin/modprobe' | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 9.3.2 Set LogLevel to INFO | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 17.3.1 Ensure 'Audit Process Creation' is set to include 'Success' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.3 Ensure 'Audit Authorization Policy Change' is set to include 'Success' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.7.4 Ensure 'Audit MPSSVC Rule-Level Policy Change' is set to 'Success and Failure' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 17.9.3 Ensure 'Audit Security State Change' is set to include 'Success' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| 18.8.3.1 Ensure 'Include command line in process creation events' is set to 'Disabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | AUDIT AND ACCOUNTABILITY |
| Fortigate - External Logging - 'syslogd' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Local Logging is enabled | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| Fortigate - Log WAN optimization messages | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | AUDIT AND ACCOUNTABILITY |
| WatchGuard : IPS Logging Threat Level HIGH - Enabled | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
| WatchGuard : Logging - IKE Packet Tracing | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | AUDIT AND ACCOUNTABILITY |
