| 1.6.1.1 Ensure SELinux is enabled in the bootloader configuration - security=selinux | CIS Debian 9 Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is enabled in the bootloader configuration - selinux = 1 | CIS Debian 9 Server L2 v1.0.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is enabled in the bootloader configuration - selinux = 1 | CIS Debian 9 Workstation L2 v1.0.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration | Huawei EulerOS 2 Server L2 v1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration | Huawei EulerOS 2 Workstation L2 v1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/grub.cfg selinux=0 | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/grub.cfg selinux=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/grub.conf enforcing=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/grub.conf enforcing=0 | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/grub.conf selinux=0 | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/grub.conf selinux=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/menu.lst enforcing=0 | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/menu.lst enforcing=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/menu.lst selinux=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub/menu.lst selinux=0 | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub2/grub.cfg enforcing=0 | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub2/grub.cfg enforcing=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub2/grub.cfg selinux=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub2/grub.cfg selinux=0 | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub2/grub.conf enforcing=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub2/grub.conf enforcing=0 | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub2/grub.conf selinux=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub2/grub.conf selinux=0 | CIS Distribution Independent Linux Workstation L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - /boot/grub2/menu.lst selinux=0 | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - enforcing=0 | CIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - selinux=0 | CIS SUSE Linux Enterprise Server 12 L2 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.1.1 Ensure SELinux is not disabled in bootloader configuration - selinux=0 | CIS SUSE Linux Enterprise Workstation 12 L2 v2.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.6.2.1 Ensure AppArmor is not disabled in bootloader configuration | CIS Distribution Independent Linux Server L2 v1.1.0 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 1.7 Declare an EJB authorization policy for deployed applications | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 1.17 The allRolesMode must be configured to 'strict' - 'allRolesMode = strict' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 2.2.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive | CIS Kubernetes 1.13 Benchmark v1.4.1 L1 | Unix | ACCESS CONTROL |
| 2.3.10.9 Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| 2.020 - The system must prevent non-privileged users from executing privileged functions. | Tenable Fedora Linux Best Practices v2.0.0 | Unix | ACCESS CONTROL |
| 3.6 JMXInvokerServlet configuration - 'org.jboss.jmx.connector.invoker.RolesAuthorization = true' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.6 JMXInvokerServlet configuration - 'rolesProperties = props/jmx-console-roles.properties' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.6 JMXInvokerServlet configuration - 'usersProperties = props/jmx-console-users.properties' | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 3.6 The JMXInvokerServlet servlet must be configured to prevent unprivileged access using authentication | Redhat JBoss EAP 5.x | Unix | ACCESS CONTROL |
| 5.1 Specify a Secure Connection Authentication Type (SRVCON_AUTH) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL |
| 5.1.8.1 Ensure that password hash sync is enabled for hybrid deployments | CIS Microsoft 365 Foundations E3 L1 v3.1.0 | microsoft_azure | ACCESS CONTROL |
| 5.4.5 Ensure default user umask is configured - system wide default | CIS Red Hat EL7 Server L1 v3.0.1 | Unix | ACCESS CONTROL |
| 5.10 Ensure Access to .ht* Files Is Restricted | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 10.1 Ensure SELinux Is Enabled in Enforcing Mode - config file | CIS BIND DNS v1.0.0 L2 Caching Only Name Server | Unix | ACCESS CONTROL |
| 10.1 Ensure SELinux Is Enabled in Enforcing Mode - current mode | CIS BIND DNS v1.0.0 L2 Caching Only Name Server | Unix | ACCESS CONTROL |
| 18.9.59.3.11.1 Ensure 'Do not delete temp folders upon exit' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| 18.9.59.3.11.2 Ensure 'Do not use temporary folders per session' is set to 'Disabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Big Sur - Enforce Approved Authorization for Logical Access | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
