| 1.6.3 Enable Randomized Virtual Memory Region Placement 'kernel.randomize_va_space = 2' | CIS Red Hat Enterprise Linux 5 L1 v2.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Alter the Advertised server.info String | CIS Apache Tomcat 9 L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Alter the Advertised server.info String | CIS Apache Tomcat 9 L2 v1.0.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 9 L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 9 L2 v1.0.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Alter the Advertised server.built Date | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Alter the Advertised server.built Date | CIS Apache Tomcat 9 L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Alter the Advertised server.built Date | CIS Apache Tomcat 9 L2 v1.0.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 9 L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 9 L2 v1.0.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7 Ensure Sever Header is Modified To Prevent Information Disclosure | CIS Apache Tomcat 9 L2 v1.0.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.7 Ensure Sever Header is Modified To Prevent Information Disclosure | CIS Apache Tomcat 9 L2 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.8 - Http banner reveals server information - Send Server Header | TNS Oracle WebLogic Server 11 Linux Best Practices | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.11 Ensure Server Header is removed - Applications | CIS IIS 10 v1.1.0 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.11 Ensure Server Header is removed - Default | CIS IIS 10 v1.1.0 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.11 Ensure X-Powered-By Header is removed - Applications | CIS IIS 10 v1.1.0 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.11 Ensure X-Powered-By Header is removed - Default | CIS IIS 10 v1.1.0 Level 2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1 Hide BIND Version String | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1 Hide BIND Version String | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2 Hide Nameserver ID | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2 Hide Nameserver ID | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.1 Ensure ServerTokens Provides Minimal Information | CIS Apache HTTP Server 2.2 L1 v3.5.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2 Ensure ServerSignature Is Not Enabled | CIS Apache HTTP Server 2.2 L1 v3.5.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.4 Ensure All Default Apache Content Is Removed - 'httpd.conf Alias /icons/ /var/www/icons/ does not exists' | CIS Apache HTTP Server 2.2 L2 v3.5.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.4 Ensure All Default Apache Content Is Removed - 'httpd.conf Include conf/extra/httpd-autoindex.conf does not exists' | CIS Apache HTTP Server 2.2 L2 v3.5.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003540 - The system must implement non-executable program stacks - 'kernel.randomize_va_space' | DISA STIG for Red Hat Enterprise Linux 5 v1r17 Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003540 - The system must implement non-executable program stacks - 'kernel.randomize_va_space' | DISA STIG for Oracle Linux 5 v1r14 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN004560 - The SMTP service's SMTP greeting must not provide version information. | DISA STIG AIX 6.1 v1r13 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WI120 IIS7 - The Content Location header must not contain proprietary IP addresses. | DISA IIS 7.0 Web Site v1r19 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SI-000003 - The DNS Name Server software must be configured to refuse queries for its version information. | DISA Microsoft Windows 2012 Server DNS STIG v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SI-000003 - The DNS Name Server software must be configured to refuse queries for its version information. | DISA Microsoft Windows 2012 Server DNS STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SI-000003 - The DNS Name Server software must be configured to refuse queries for its version information. | DISA Microsoft Windows 2012 Server DNS STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG520 A22 - Web server and/or operating system information must be protected. | DISA STIG Apache Server 2.2 Unix v1r10 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG520 A22 - Web server and/or operating system information must be protected. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
