| 1.1.2.2.2 Ensure nodev option set on /dev/shm partition | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.2.4 Ensure noexec option set on /dev/shm partition | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.3.2 Ensure nodev option set on /home partition | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.4.2 Ensure nodev option set on /var partition | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.5.1 Ensure separate partition exists for /var/tmp | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.6.4 Ensure noexec option set on /var/log partition | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.7.4 Ensure noexec option set on /var/log/audit partition | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.6 Ensure /dev/shm is configured | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.7 Ensure noexec option set on /dev/shm partition | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.7 Ensure separate partition exists for /var/tmp | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.8 Ensure nodev option set on /dev/shm partition | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.8 Ensure nodev option set on /var/tmp partition | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcing | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.6.3 Ensure SELinux or AppArmor are installed | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.7.1.1 Ensure AppArmor is installed | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.7.1.4 Ensure permissions on /etc/motd are configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.8.1.5 Ensure permissions on /etc/issue are configured | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.8.1.6 Ensure permissions on /etc/issue.net are configured | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.3 Ensure Managed Object Browser (MOB) is disabled | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | ACCESS CONTROL, MEDIA PROTECTION |
| 2.4.1.4 Ensure permissions on /etc/cron.daily are configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.4.2.1 Ensure at is restricted to authorized users | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4.4 Ensure permissions on /etc/hosts.allow are configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.1.5 Ensure remote rsyslog messages are only accepted on designated log hosts - InputTCPServerRun | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.2.2.3 Ensure syslog-ng default file permissions configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.2 Ensure permissions on SSH private host key files are configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.4 Ensure permissions on /etc/cron.daily are configured | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.7 Ensure permissions on /etc/cron.d are configured | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.8 Ensure at/cron is restricted to authorized users - at.allow | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.8 Ensure at/cron is restricted to authorized users - at.deny | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.8 Ensure at/cron is restricted to authorized users - cron.allow | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.1 Ensure permissions on /etc/ssh/sshd_config are configured | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.4.4 Ensure default user umask is 027 or more restrictive - /etc/profile.d/* | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.6 Ensure access to the su command is restricted | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.1 Audit system file permissions | CIS SUSE Linux Enterprise 15 Workstation L2 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.1 Audit system file permissions | CIS SUSE Linux Enterprise Server 11 L2 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.2 Ensure permissions on /etc/passwd are configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.3 Ensure permissions on /etc/shadow are configured | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.3 Ensure permissions on /etc/shadow are configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.4.1 Ensure access to all logfiles has been configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.5 Ensure permissions on /etc/passwd.old are configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.6 Ensure permissions on /etc/shadow.old are configured | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.8 Ensure no world writable files exist | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.4.4 Ensure the audit log file directory mode is configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.4.6 Ensure audit configuration files owner is configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.8 Ensure users' dot files are not group or world writable | CIS SUSE Linux Enterprise 15 Workstation L1 v1.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.9 Ensure users own their home directories | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.10 Ensure users' dot files are not group or world writable | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.8 Ensure permissions on /etc/gshadow- are configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.8 Ensure permissions on /etc/gshadow- are configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.9 Ensure permissions on /etc/shells are configured | CIS Ubuntu Linux 24.04 LTS v1.0.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
