| 2.3.9.4 Ensure 'Microsoft network server: Disconnect clients when logon hours expire' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| 2.3.11.6 Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/faillog | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/log/lastlog | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl /var/run/faillock/ | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl faillog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl lastlog | CIS Debian Family Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - auditctl tallylog | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/ | CIS CentOS 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.7 Ensure login and logout events are collected - rules.d /var/run/faillock/ | CIS Red Hat 6 Workstation L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl lastlog | CIS Debian 9 Workstation L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - auditctl tallylog | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure login and logout events are collected - tallylog | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - /var/run/utmp | CIS Debian Family Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Oracle Linux 6 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl btmp | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl btmp | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - auditctl utmp | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - btmp | CIS Fedora 19 Family Linux Server L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - btmp | CIS Ubuntu Linux 16.04 LTS Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - btmp | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/btmp | CIS Oracle Linux 6 Server L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - rules.d /var/log/wtmp | CIS CentOS 6 Server L2 v3.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.8 Ensure session initiation information is collected - utmp | CIS Ubuntu Linux 16.04 LTS Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/log/wtmp | CIS Debian 9 Workstation L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - /var/run/utmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/log/btmp | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/log/wtmp | CIS Debian 9 Workstation L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.1.9 Ensure session initiation information is collected - auditctl /var/run/utmp | CIS Debian 9 Server L2 v1.0.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 4.2.15 Ensure sshd MaxAuthTries is configured | CIS Ubuntu Linux 18.04 LTS v2.2.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.16 Ensure SSH MaxAuthTries is set to 4 or less | CIS Amazon Linux 2023 Server L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.2.16 Ensure sshd MaxAuthTries is configured | CIS Oracle Linux 7 v4.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.7 Ensure SSH MaxAuthTries is set to 4 or less | CIS Google Container-Optimized OS v1.2.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.16 Ensure sshd MaxAuthTries is configured | CIS Ubuntu Linux 20.04 LTS v3.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.16 Ensure sshd MaxAuthTries is configured | CIS SUSE Linux Enterprise 15 v2.0.1 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.16 Ensure sshd MaxAuthTries is configured | CIS Debian Linux 11 v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.16 Ensure sshd MaxAuthTries is configured | CIS Oracle Linux 10 v1.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.16 Ensure sshd MaxAuthTries is configured | CIS Red Hat Enterprise Linux 10 v1.0.1 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.18 Ensure sshd MaxAuthTries is configured | CIS Red Hat Enterprise Linux 8 v4.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2.6 (L1) Enable Identity Protection user risk policies | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.2.7 (L1) Enable Identity Protection sign-in risk policies | CIS Microsoft 365 Foundations v5.0.0 L1 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS SQL Server 2017 Database L1 DB v1.3.0 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3 Ensure 'Login Auditing' is set to 'failed logins' | CIS Microsoft SQL Server 2019 v1.5.0 L1 Database Engine | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| 5.3.9 Collect Login and Logout Events - /var/log/btmp | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.9 Collect Login and Logout Events - /var/log/faillog | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.9 Collect Login and Logout Events - /var/log/lastlog | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.9 Collect Login and Logout Events - /var/log/tallylog | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.9 Ensure SSH MaxAuthTries is set to 4 or less | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.10 Collect Session Initiation Information - /var/log/wtmp | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.3.10 Collect Session Initiation Information - /var/run/utmp | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
