| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmod | CIS Fedora 19 Family Linux Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - lsmod | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobe | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.2 Ensure mounting of squashfs filesystems is disabled - modprobe | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.1.1.6 Ensure mounting of squashfs filesystems is disabled - modprobe | CIS Debian Family Workstation L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers account | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.4.6 Ensure version 7.2 or newer booted with UEFI have a unique name for the grub superusers account - UEFI must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.1 Secure DB2 Runtime Library | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 2.1 Secure DB2 Runtime Library | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | |
| 2.1 Secure DB2 Runtime Library | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| 2.1 Secure DB2 Runtime Library | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 2.6 Ensure aufs storage driver is not used | CIS Docker v1.7.0 L1 Docker - Linux | Unix | SYSTEM AND SERVICES ACQUISITION |
| 3.8 Ensure the Lock File Is Secured - 'LockFile permissions' | CIS Apache HTTP Server 2.4 L1 v2.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure the Lock File Is Secured - configured | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure the Lock File Is Secured - permissions | CIS Apache HTTP Server 2.4 L1 v2.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.20 Do not share the host's UTS namespace | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.20 Do not share the host's UTS namespace | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure that the MaxZoneParts setting for Web Part limits is set to 100. | CIS Microsoft SharePoint 2016 OS v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 9.6 Secure the permission of the IBMLDAPSecurity.ini file | CIS IBM DB2 v10 v1.1.0 Windows OS Level 2 | Windows | |
| 9.6 Secure the permission of the IBMLDAPSecurity.ini file | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | |
| 9.6 Secure the permission of the IBMLDAPSecurity.ini file | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | |
| 9.6 Secure the permission of the IBMLDAPSecurity.ini file | CIS IBM DB2 v10 v1.1.0 Windows OS Level 1 | Windows | |
| APPL-14-001150 - The macOS system must disable password authentication for SSH. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| CISC-RT-000710 - The Cisco PE switch must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain. | DISA STIG Cisco NX-OS Switch RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000710 - The Cisco PE switch must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAVSEL-002 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive automatic updates. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Extension 2 | CIS Google Chrome L1 v3.0.0 | Windows | |
| FFOX-00-000013 - Firefox must be configured to disable the installation of extensions. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000023 - Firefox fingerprinting protection must be enabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000024 - Firefox cryptomining protection must be enabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000027 - Firefox deprecated ciphers must be disabled. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000027 - Firefox deprecated ciphers must be disabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000028 - Firefox must not recommend extensions as the user is using the browser. | DISA STIG Mozilla Firefox Linux v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000028 - Firefox must not recommend extensions as the user is using the browser. | DISA STIG Mozilla Firefox MacOS v6r5 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000028 - Firefox must not recommend extensions as the user is using the browser. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| FFOX-00-000033 - Firefox must be configured so that DNS over HTTPS is disabled. | DISA STIG Mozilla Firefox Windows v6r5 | Windows | CONFIGURATION MANAGEMENT |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MADB-10-004400 - MariaDB must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations. | DISA MariaDB Enterprise 10.x v2r2 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| nameserver 2 | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | |
| nameserver 2 | DISA Oracle Linux 8 STIG v2r2 | Unix | |
| nameserver 2 | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | |
| PANW-NM-000144 - The Palo Alto Networks security platform must generate an audit log record when the Data Plane CPU utilization is 100%. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | CONFIGURATION MANAGEMENT |
| RHEL-07-010492 - Red Hat Enterprise Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-030350 - The Red Hat Enterprise Linux operating system must immediately notify the System Administrator (SA) and Information System Security Officer (ISSO) (at a minimum) when the threshold for the repository maximum audit record storage capacity is reached. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653095 - RHEL 9 must periodically flush audit records to disk to prevent the loss of audit records. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-67-000019 - The Security Token Service must limit the number of allowed connections. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCUI-80-000126 The vCenter UI service must limit the number of times that each Transmission Control Protocol (TCP) connection is kept alive. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | ACCESS CONTROL |
| WINER-000012 - The maximum number of error reports to archive on a system must be configured to 100 or greater. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN10-CC-000206 - Windows Update must not obtain updates from other PCs on the internet. | DISA Windows 10 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT |
