| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 13 OS v1.2.0 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 1.3 Ensure systemd Service Files Are Enabled | CIS PostgreSQL 13 OS v1.2.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 2.3.10.8 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured | CIS Windows Server 2012 DC L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.3.10.9 (L1) Configure 'Network access: Remotely accessible registry paths and sub-paths' is configured | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.3.11.6 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Azure Compute Microsoft Windows Server 2019 v1.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Microsoft Windows Server 2019 STIG v2.0.0 L1 DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.3.11.7 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM' | CIS Microsoft Windows Server 2008 R2 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.13.1 Ensure 'Shutdown: Allow system to be shut down without having to log on' is set to 'Disabled' | CIS Azure Compute Microsoft Windows Server 2022 v1.0.0 L1 MS | Windows | ACCESS CONTROL |
| 3.1.4 Ensure the log file destination directory is set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.6 Ensure the log file permissions are set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.10 Ensure the correct syslog facility is selected | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.14 Ensure the correct messages are written to the server log | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.15 Ensure the correct SQL statements generating errors are recorded | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.16 Ensure 'debug_print_parse' is disabled | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.17 Ensure 'debug_print_rewritten' is disabled | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.18 Ensure 'debug_print_plan' is disabled | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.19 Ensure 'debug_pretty_print' is enabled | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.20 Ensure 'log_connections' is enabled | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.23 Ensure 'log_hostname' is set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 3.1.24 Ensure 'log_line_prefix' is set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.25 Ensure 'log_statement' is set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 3.1.26 Ensure 'log_timezone' is set correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | AUDIT AND ACCOUNTABILITY |
| 4.2 Ensure sudo is configured correctly | CIS PostgreSQL 13 OS v1.2.0 | Unix | ACCESS CONTROL |
| 4.3 Ensure excessive administrative privileges are revoked | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.5 Ensure excessive function privileges are revoked | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 4.7 Ensure Row Level Security (RLS) is configured correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.8 Ensure the set_user extension is installed | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | ACCESS CONTROL |
| 5.3 Ensure login via 'local' UNIX Domain Socket is configured correctly | CIS PostgreSQL 13 OS v1.2.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4 Ensure login via 'host' TCP/IP Socket is configured correctly | CIS PostgreSQL 13 OS v1.2.0 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5 Ensure per-account connection limits are used | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | ACCESS CONTROL |
| 5.6 Ensure Password Complexity is configured | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| 6.4 Ensure 'SIGHUP' Runtime Parameters are Configured | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.6 Ensure 'User' Runtime Parameters are Configured | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| 6.9 Ensure the TLSv1.0 and TLSv1.1 Protocols are Disabled | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.11 Ensure the pgcrypto extension is installed and configured correctly | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure a replication-only user is created and used for streaming replication | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | ACCESS CONTROL |
| 7.2 Ensure logging of replication commands is configured | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | ACCESS CONTROL |
| 7.4 Ensure WAL archiving is configured and functional | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 45.25 (L1) Ensure 'Network security: LAN Manager authentication level' is set to 'Send LM and NTLMv2 responses only. Refuse LM and NTLM' | CIS Microsoft Intune for Windows 10 v3.0.1 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Change Check | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | |
| data_directory | CIS PostgreSQL 13 OS v1.2.0 | Unix | |
| ignore_system_indexes | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | |
| log_connections | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | |
| log_disconnections | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | |
| pgaudit installed | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | |
| post_auth_delay | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | |
| SELECT from system catalog view | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | |
| show ssl | CIS PostgreSQL 13 DB v1.2.0 | PostgreSQLDB | |
