| 'local2,local3.* -/var/log/localmessages' | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| 'mail.* -/var/log/mail' | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| /etc/cron.deny file permissions | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| /etc/security/opasswd.old file permissions | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| /etc/security/pwquality.conf | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| /usr/lib/systemd/system/rescue.service | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| 1.1.1.1 Ensure cramfs kernel module is not available | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.1.2 Ensure freevxfs kernel module is not available | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.1.1 Ensure /tmp is a separate partition | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.2.1.3 Ensure nosuid option set on /tmp partition | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.2.2 Ensure nodev option set on /dev/shm partition | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.2.3 Ensure nosuid option set on /dev/shm partition | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.6.4 Ensure noexec option set on /var/log partition | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.3 Ensure nodev option set on /tmp partition | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.18 Ensure sticky bit is set on all world-writable directories | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.19 Disable Automounting | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2.2 Ensure GPG keys are configured | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.2.5 Ensure updates, patches, and additional security software are installed | CIS Amazon Linux 2 v3.0.0 L1 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3.1 Ensure authentication required for single user mode | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 1.4.4 Ensure core dump storage is disabled | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL |
| 1.5.1.1 Ensure SELinux is installed | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.6.3 Ensure remote login warning banner is configured properly | CIS Amazon Linux 2 v3.0.0 L1 | Unix | ACCESS CONTROL |
| 2.1.1.2 Ensure ntp is configured - restrict -4 | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.1.3 Ensure chrony is configured - chrony server/pool | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.7 Ensure NFS and RPC are not enabled - nfs | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.7 Ensure NFS and RPC are not enabled - nfs-server | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.7 Ensure NFS and RPC are not enabled - nfs-server status | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.7 Ensure NFS and RPC are not enabled - rpcbind status | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.11 Ensure IMAP and POP3 server is not enabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.15 Ensure mail transfer agent is configured for local-only mode - status | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.17 Ensure rsh server is not enabled - rexec.socket | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.19 Ensure tftp server is not enabled - status | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.20 Ensure rsync service is not enabled | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.5 Ensure LDAP client is not installed | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.7 Ensure ftp server services are not in use | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure print server services are not in use | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.13 Ensure rsync services are not in use | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.17 Ensure web proxy server services are not in use | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.21 Ensure mail transfer agents are configured for local-only mode | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.3.1 Ensure ftp client is not installed | CIS Amazon Linux 2 v3.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.1 Ensure IP forwarding is disabled - sysctl | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.2 Ensure packet redirect sending is disabled - sysctl.conf sysctl.d net.ipv4.conf.default.send_redirects | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabled | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.7 Ensure FIPS 140-2 OpenSSL Cryptography Is Used - fips_enabled | CIS PostgreSQL 9.5 OS v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| tftp.socket tftp.service active | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| useradd | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| Verify the current GRUB 2 configuration disables virtual system calls | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | |
| vsftpd.service active | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| xinetd services are installed | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
| xinetd.service active | CIS Amazon Linux 2 v3.0.0 L1 | Unix | |
