| 1.2.21 Ensure that the --service-account-lookup argument is set to true | CIS Kubernetes Benchmark v1.9.0 L1 Master | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.5.1.5 Ensure the SELinux mode is enforcing | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.1 Require Explicit Authorization for Cataloging (CATALOG_NOAUTH) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.8 Set Maximum Connection Limits (MAX_CONNECTIONS and MAX_COORDAGENTS) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.13 Secure the Communication Buffer Exit Library (COMM_EXIT_LIST) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.3 Disable Grants During Restore (DB2_RESTORE_GRANT_ADMIN_AUTHORITIES) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.3.1 Secure Db2 Runtime Library | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure Access to Audit Records Is Controlled | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure Access to Audit Records Is Controlled - /var/audit | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1 Restrict access to $CATALINA_HOME | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.5 Secure Permissions for the Primary Archive Log Location (LOGARCHMETH1) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.5 Secure Permissions for the Primary Archive Log Location (LOGARCHMETH1) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.6 Secure Permissions for the Secondary Archive Log Location (LOGARCHMETH2) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.7 Ensure that the certificate authorities file permissions are set to 600 or more restrictive | CIS Kubernetes Benchmark v1.9.0 L1 Worker | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.8 Secure Permissions for the Log Mirror Location (MIRRORLOGPATH) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.9 Secure Permissions for the Log Overflow Location (OVERFLOWLOGPATH) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.9 Secure Permissions for the Log Overflow Location (OVERFLOWLOGPATH) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.1.14 Specify a Secure Location for External Tables (EXTBL_LOCATION) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.6 Restrict Access to SYSIBM.SYSCOLUMNS | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.8 Restrict Access to SYSIBM.SYSCONTEXTS | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.15 Restrict Access to SYSIBM.SYSINDEXAUTH | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.16 Restrict Access to SYSIBM.SYSMODULEAUTH | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.18 Restrict Access to SYSIBM.SYSPLANAUTH | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.28 Restrict Access to SYSIBM.SYSSECURITYLABELCOMPONENTELEMENTS | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.31 Restrict Access to SYSIBM.SYSSECURITYPOLICIES | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.35 Restrict Access to SYSIBM.SYSSEQUENCEAUTH | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.43 Restrict Access to SYSIBM.SYSVARIABLES | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.46 Restrict Access to SYSIBM.SYSXSROBJECTAUTH | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.4.3 Restrict Access to SYSIBMADM.PRIVILEGES | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.4.9 Restrict Access to SYSIBMADM.PRIVILEGES | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.6 Restrict access to Tomcat bin directory | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.6 Restrict access to Tomcat binaries directory | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.7 Restrict access to Tomcat web application directory | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.9 Restrict access to Tomcat catalina.policy | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.10 Restrict access to Tomcat context.xml | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.11 Restrict access to Tomcat logging.properties | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.13 Restrict access to Tomcat tomcat-users.xml | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.15 Restrict access to jaspic-providers.xml | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1 Ensure Home Folders Are Secure | CIS Apple macOS 13.0 Ventura Cloud-tailored v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.6 Ensure No World Writable Files Exist in the System Folder | CIS Apple macOS 12.0 Monterey Cloud-tailored v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.1 Ensure the audit log directory is 0750 or more restrictive | CIS CentOS Linux 7 v4.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.8 Ensure audit tools are 755 or more restrictive | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.1 Secure SYSADM Authority | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.4 Ensure Guest Access to Shared Folders Is Disabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.4 Ensure Guest Access to Shared Folders Is Disabled | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.4 Secure SYSMON Authority | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.14 Audit system file permissions | CIS CentOS Linux 7 v4.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.4 Nested Roles | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 7.4 Ensure directory in context.xml is a secure location - permissions | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
