| 6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AIX7-00-003020 - AIX must use Trusted Execution (TE) Check policy. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
| AIX7-00-003098 - AIX must allow admins to send a message to all the users who logged in currently. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
| AIX7-00-003102 - AIX must turn on enhanced Role-Based Access Control (RBAC) to isolate security functions from nonsecurity functions, to grant system privileges to other operating system admins, and prohibit user installation of system software without explicit privileged status. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccess | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member access | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-007300 - EDB Postgres Advanced Server must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | ACCESS CONTROL |
| MD3X-00-000570 - MongoDB must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | ACCESS CONTROL |
| O112-C2-006600 - Databases utilizing Discretionary Access Control (DAC) must enforce a policy that limits propagation of access rights. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | ACCESS CONTROL |
| O121-C2-003000 - The DBMS must enforce Discretionary Access Control (DAC) policy allowing users to specify and control sharing by named individuals, groups of individuals, or by both, limiting propagation of access rights and including or excluding access to the granularity of a single user. | DISA STIG Oracle 12c v3r1 Database | OracleDB | ACCESS CONTROL |
| OL07-00-020020 - The Oracle Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-020021 - The Oracle Linux operating system must confine SELinux users to roles that conform to least privilege. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-020022 - The Oracle Linux operating system must not allow privileged accounts to utilize SSH. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-020210 - The Oracle Linux operating system must enable SELinux. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-002200 - PostgreSQL must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | ACCESS CONTROL |
| RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000023 - The system must use a Linux Security Module configured to limit the privileges of system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000025 - All device files must be monitored by the system Linux Security Module. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-07-010010 - The Red Hat Enterprise Linux operating system must be configured so that the file permissions, ownership, and group membership of system files and commands match the vendor values. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| RHEL-07-020020 - The Red Hat Enterprise Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020022 - The Red Hat Enterprise Linux operating system must not allow privileged accounts to utilize SSH. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020210 - The Red Hat Enterprise Linux operating system must enable SELinux. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-020220 - The Red Hat Enterprise Linux operating system must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-020330 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid group owner. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-09-432035 - RHEL 9 must restrict the use of the 'su' command - su command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010600 - The SUSE operating system Apparmor tool must be configured to control whitelisted applications and user home directory access control. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SLES-15-010390 - SUSE operating system AppArmor tool must be configured to control whitelisted applications and user home directory access control. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| UBTU-16-010600 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures - apparmor_status | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-16-010600 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures - libpam-apparmor | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-18-010437 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL |
| UBTU-20-010439 - The Ubuntu operating system must be configured to use AppArmor. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| UBTU-22-431010 - Ubuntu 22.04 LTS must have the 'apparmor' package installed. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN10-00-000095 - Permissions for system files and directories must conform to minimum requirements. | DISA Windows 10 STIG v3r2 | Windows | ACCESS CONTROL |
| WN12-GE-000006 - Permissions for system drive root directory (usually C:\) must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000007 - Permissions for program file directories must conform to minimum requirements | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000008 - Permissions for Windows installation directory must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN12-GE-000008 - Permissions for Windows installation directory must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
