| 6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AIX7-00-003098 - AIX must allow admins to send a message to all the users who logged in currently. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
| AIX7-00-003102 - AIX must turn on enhanced Role-Based Access Control (RBAC) to isolate security functions from nonsecurity functions, to grant system privileges to other operating system admins, and prohibit user installation of system software without explicit privileged status. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccess | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member access | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| MD3X-00-000570 - MongoDB must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | ACCESS CONTROL |
| MD4X-00-001200 - MongoDB must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | ACCESS CONTROL |
| O112-C2-003000 - The DBMS must enforce Discretionary Access Control (DAC) policy allowing users to specify and control sharing by named individuals, groups of individuals, or by both, limiting propagation of access rights and includes or excludes access to the granularity of a single user. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | ACCESS CONTROL |
| O112-C2-006700 - A DBMS utilizing Discretionary Access Control (DAC) must enforce a policy that includes or excludes access to the granularity of a single user. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | ACCESS CONTROL |
| O121-C2-006600 - Databases utilizing Discretionary Access Control (DAC) must enforce a policy that limits propagation of access rights. | DISA STIG Oracle 12c v3r2 Database | OracleDB | ACCESS CONTROL |
| OL07-00-020020 - The Oracle Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Oracle Linux 7 STIG v3r1 | Unix | ACCESS CONTROL |
| OL07-00-020021 - The Oracle Linux operating system must confine SELinux users to roles that conform to least privilege. | DISA Oracle Linux 7 STIG v3r1 | Unix | ACCESS CONTROL |
| OL07-00-020210 - The Oracle Linux operating system must enable SELinux. | DISA Oracle Linux 7 STIG v3r1 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000023 - The system must use a Linux Security Module configured to limit the privileges of system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000025 - All device files must be monitored by the system Linux Security Module. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-07-010010 - The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| RHEL-07-020020 - The Red Hat Enterprise Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020021 - The Red Hat Enterprise Linux operating system must confine SELinux users to roles that conform to least privilege. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020023 - The Red Hat Enterprise Linux operating system must elevate the SELinux context when an administrator calls the sudo command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020210 - The Red Hat Enterprise Linux operating system must enable SELinux. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-020220 - The Red Hat Enterprise Linux operating system must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-432035 - RHEL 9 must restrict the use of the "su" command. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010600 - The SUSE operating system Apparmor tool must be configured to control whitelisted applications and user home directory access control. | DISA SLES 12 STIG v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SLES-12-010690 - All SUSE operating system files and directories must have a valid owner. | DISA SLES 12 STIG v3r1 | Unix | ACCESS CONTROL |
| SLES-12-010700 - All SUSE operating system files and directories must have a valid group owner. | DISA SLES 12 STIG v3r1 | Unix | ACCESS CONTROL |
| SLES-15-010390 - SUSE operating system AppArmor tool must be configured to control whitelisted applications and user home directory access control. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| UBTU-16-010600 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures - apparmor_status | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-16-010600 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures - libpam-apparmor | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-16-010700 - All files and directories must have a valid owner. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-18-010437 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL |
| UBTU-20-010439 - The Ubuntu operating system must be configured to use AppArmor. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| UBTU-22-431010 - Ubuntu 22.04 LTS must have the "apparmor" package installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r3 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| UBTU-24-100500 - Ubuntu 24.04 LTS must have AppArmor installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN12-GE-000006 - Permissions for system drive root directory (usually C:\) must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000008 - Permissions for Windows installation directory must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN12-GE-000008 - Permissions for Windows installation directory must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN16-00-000170 - Permissions for program file directories must conform to minimum requirements. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN19-00-000140 - Windows Server 2019 permissions for the system drive root directory (usually C:\) must conform to minimum requirements. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | ACCESS CONTROL |
| WN19-00-000150 - Windows Server 2019 permissions for program file directories must conform to minimum requirements. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | ACCESS CONTROL |
