| 1.7.3 If a Local Time Zone is used, Configure Daylight Savings | CIS Cisco NX-OS L1 v1.1.0 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.2.2.4 Ensure GNOME Idle activation is set. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 2.2.2.11 Ensure the screensaver idle-activation-enabled setting | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 2.2.30 Ensure NFS is configured to use RPCSEC_GSS. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.10 Ensure rate limiting measures are set - config | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.1.2.7 Ensure audit the umount command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.14 Ensure audit of the rmdir syscall - 32 bit | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.17 Ensure audit of the create_module syscall - 32 bit | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.17 Ensure audit of the create_module syscall - 64 bit | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.18 Ensure audit of the finit_module syscall - 32 bit | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.21 Ensure audit of the chcon command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.23 Ensure audit of the userhelper command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.24 Ensure audit of the su command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.25 Ensure audit of the mount command and syscall - 64 bit | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.21 Ensure auditing of all privileged functions - setuid 64 bit | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.8 Enure off-load of audit logs - type | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.1 Ensure SSH is installed | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.30 Ensure SSH uses privilege seperation | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.5 Ensure minimum and maximum requirements are set for password changes - minlen | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.7 Ensure lockout for unsuccessful root logon attempts - password-auth required | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 5.3.8 Ensure date and time of last successful logon - showfailed | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 5.3.8 Ensure date and time of last successful logon - silent | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 5.3.9 Ensure multifactor authentication for access to privileged accounts | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.1.9 Ensure password expiration is 60 Day maximum for exisiting passwords | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.7 Ensure multi-factor authentication is enable for users - enabled | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.7 Ensure multi-factor authentication is enable for users - removal action | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.9 Ensure number of concurrent sessions is limited | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 6.2.20 Ensure all local interactive user home directories are group-owned | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.24 Ensure local interactive users' dot files are group-owned by the users group or root. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.25 Ensure users' 'dot' files have '0740' or less set. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 6.2.27 Ensure nosuid is set on users' home directories. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 6.3 Ensure removal of software components after update | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 6.4 Ensure system device files are labeled - unlabeled_t | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 18.10.6.1 Ensure 'Turn off Inventory Collector' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 19.7.15.1.2 Ensure 'Turn on off details pane' is set to 'Enabled: Always hide' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.31 Ensure 'Host-based firewall is installed and enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.31 Ensure 'Host-based firewall is installed and enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.31 Ensure 'Host-based firewall is installed and enabled' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-ND-000810 - The network device must be configured to use an authentication server to authenticate users prior to granting administrative access. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | CONFIGURATION MANAGEMENT |
| CASA-ND-000550 - The Cisco ASA must be configured to enforce password complexity by requiring that at least one numeric character be used. | DISA STIG Cisco ASA NDM v2r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-000940 - The Cisco ASA must be configured to synchronize its clock with the primary and secondary time sources using redundant authoritative time sources. | DISA STIG Cisco ASA NDM v2r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| Enforce Password Change Interval | Tenable Cisco ACI | Cisco_ACI | IDENTIFICATION AND AUTHENTICATION |
| GEN000280 - Direct logins must not be permitted to shared, default, application, or utility accounts. | DISA STIG Solaris 10 SPARC v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SNMP Destination - Version | Tenable Cisco ACI | Cisco_ACI | CONFIGURATION MANAGEMENT |
| Syslog - Admin State | Tenable Cisco ACI | Cisco_ACI | AUDIT AND ACCOUNTABILITY |
| Syslog - Console Destination - Severity | Tenable Cisco ACI | Cisco_ACI | AUDIT AND ACCOUNTABILITY |
| Syslog Remote Destination - Severity | Tenable Cisco ACI | Cisco_ACI | AUDIT AND ACCOUNTABILITY |
| Web Session Idle Timeout (s) | Tenable Cisco ACI | Cisco_ACI | ACCESS CONTROL |
| WN12-AD-000008-DC - The time synchronization tool must be configured to enable logging of time source switching. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
