| 1.1.18 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.2.22 Ensure that the maximumRetainedFiles argument is set to 10 or as appropriate | CIS RedHat OpenShift Container Platform v1.6.0 L1 | OpenShift | AUDIT AND ACCOUNTABILITY |
| 1.2.23 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master | Unix | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /etc/docker/daemon.json | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1 Secure the DB2 Runtime Library | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Windows | Windows | |
| 2.1 Secure the DB2 Runtime Library | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 OS Linux | Unix | |
| 3.1.12 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate | CIS Kubernetes 1.7.0 Benchmark v1.1.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.1.17 Secure permissions for the primary archive log location - LOGARCHMETH1 OS Permissions | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| 3.2.6 Secure permissions for the tertiary archive log location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | |
| 3.2.7 Secure permissions for the log mirror location | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | |
| 4.8 (L1) Host must store one week of audit records | CIS VMware ESXi 8.0 v1.1.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 5.3.22 Ensure SSH MaxStartups is configured | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured | CIS Ubuntu Linux 16.04 LTS Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS CentOS 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.22 Ensure SSH MaxStartups is configured - sshd_config | CIS Red Hat 6 Server L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.24 Ensure SSH MaxStartups is configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.4 Ensure Default HTML Content Is Removed | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-001100 The macOS system must disable root logon for SSH. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| ARST-RT-000070 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000080 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| DTAVSEL-100 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-103 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown macro viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| FFOX-00-000034 - Firefox accounts must be disabled. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000034 - Firefox accounts must be disabled. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000036 - Firefox feedback reporting must be disabled. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000036 - Firefox feedback reporting must be disabled. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000038 - Pocket must be disabled. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000038 - Pocket must be disabled. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000039 - Firefox Studies must be disabled. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000039 - Firefox Studies must be disabled. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| Out-of-Band Management port | ArubaOS Switch 16.x Hardening Guide v1.0.0 | ArubaOS | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-07-010030 - The Red Hat Enterprise Linux operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010040 - The Red Hat Enterprise Linux operating system must display the approved Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-010140 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are assigned, the new password must contain at least one numeric character. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010150 - The Red Hat Enterprise Linux operating system must be configured so that when passwords are changed or new passwords are established, the new password must contain at least one special character. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-020680 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories contained in local interactive user home directories have a mode of 0750 or less permissive. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020700 - The Red Hat Enterprise Linux operating system must be configured so that all local initialization files for local interactive users are be group-owned by the users primary group or root. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020720 - The Red Hat Enterprise Linux operating system must be configured so that all local interactive user initialization files executable search paths contain only paths that resolve to the users home directory. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-031010 - The Red Hat Enterprise Linux operating system must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040720 - The Red Hat Enterprise Linux operating system must be configured so that if the Trivial File Transfer Protocol (TFTP) server is required, the TFTP daemon is configured to operate in secure mode. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
