| 1.1.22 Disable Mounting of hfsplus Filesystems - install hfsplus /bin/true' | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 1.4.1 Enable SELinux in /etc/grub.conf - enforcing != 0 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
| 1.6.3 Enable Randomized Virtual Memory Region Placement - kernel.randomize_va_space = 2 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.1.7 Remove tftp | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 2.1.13 Disable chargen-stream | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.1.6 Restrict Published Information (if publishing is required) - publish-binf=no | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.13 Remove Samba | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.4.1.1 Disable IPv6 Router Advertisements - net.ipv6.conf.default.accept_ra = 0 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.6.2 Disable SCTP | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.1 Install the rsyslog package | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.2 Activate the rsyslog Service - syslog | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3 Configure /etc/rsyslog.conf - lpr,news,uucp,local0,local1,local2,local3,local4,local5,local6 /var/log/unused.log | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.6 Accept Remote rsyslog Messages Only on Designated Log Hosts - $InputTCPServerRun 514 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.7 Record Events That Modify the System's Network Environment - /etc/issue | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.7 Record Events That Modify the System's Network Environment - /etc/issue.net | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.12 Collect Unsuccessful Unauthorized Access Attempts to Files - arch=b64 EPERM | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.13 Collect Use of Privileged Commands | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.15 Collect File Deletion Events by User - arch=b32 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.3.18 Collect Kernel Module Loading and Unloading - /sbin/modprobe | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 5.3.19 Make the Audit Configuration Immutable - -e 2 | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/boot.log' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.4 Configure logrotate - '/var/log/spooler' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.1.5 Set User/Group Owner and Permission on /etc/cron.hourly | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.1.6 Set User/Group Owner and Permission on /etc/cron.daily | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.1.10 Restrict at/cron to Authorized Users - cron.allow | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.3.1 Set Password Creation Requirement Parameters Using pam_cracklib - password required | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.3.2 Set Lockout for Failed Password Attempts - auth required pam_tally2.so deny=5 onerr=fail | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 6.3.6 Remove the pam_ccreds Package | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 6.5 Restrict Access to the su Command - auth required pam_wheel.so use_uid' | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 7.5 Lock Inactive User Accounts - INACTIVE=35 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 8.1.1 Set Warning Banner for Standard Login Services - /etc/issue | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 8.1.1 Set Warning Banner for Standard Login Services - /etc/issue.net | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 8.1.2 Remove OS Information from Login Warning Banners - /etc/issue | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 8.2 Set GNOME Warning Banner | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.1 Verify System File Permissions | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | ACCESS CONTROL |
| 9.1.5 Verify Permissions on /etc/group | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.1.11 Find Un-owned Files and Directories | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | ACCESS CONTROL |
| 9.2.1 Ensure Password Fields are Not Empty | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 9.2.10 Check for Presence of User .rhosts Files | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010030 - All RHEL 8 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010130 - The RHEL 8 shadow password suite must be configured to use a sufficient number of hashing rounds. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010201 - RHEL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010230 - The RHEL 8 /var/log/messages file must be group-owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010240 - The RHEL 8 /var/log directory must have mode 0755 or less permissive. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010250 - The RHEL 8 /var/log directory must be owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-010287 - The RHEL 8 SSH daemon must be configured to use system-wide crypto policies. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-010293 - The RHEL 8 operating system must implement DoD-approved encryption in the OpenSSL package. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-010310 - RHEL 8 system commands must be owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010340 - RHEL 8 library files must be owned by root. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010382 - RHEL 8 must restrict privilege elevation to authorized personnel. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
