| 1.3.1 Ensure AIDE is installed | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 1.3.5 Ensure AIDE is configured to use FIPS 140-2 | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 1.5 Installing ISC BIND 9 - bind9 installation | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | |
| 3.2.2 Ensure ICMP redirects are not accepted - /etc/sysctl.conf /etc/sysctl.d/* net.ipv4.conf.all.accept_redirects=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - /etc/sysctl.conf /etc/sysctl.d/* net.ipv4.conf.default.accept_redirects=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - /etc/sysctl.conf /etc/sysctl.d/* net.ipv6.conf.all.accept_redirects=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - /etc/sysctl.conf /etc/sysctl.d/* net.ipv6.conf.default.accept_redirects=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv4.conf.all.accept_redirects=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv4.conf.default.accept_redirects=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.all.accept_redirects=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.2 Ensure ICMP redirects are not accepted - sysctl net.ipv6.conf.default.accept_redirects=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.7 Remove LDAP | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.2.1 Ensure all uses of the passwd command are audited. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.3 Ensure audit of the gpasswd command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.6 Ensure audit all uses of the chsh command. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.7 Ensure audit the umount command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.8 Ensure audit of postdrop command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.9 Ensure audit of postqueue command. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.10 Ensure audit ssh-keysign command. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.21 Ensure audit of the chcon command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.2.23 Ensure audit of the userhelper command | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.22 Ensure only FIPS 140-2 ciphers are used for SSH | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.27 Ensure SSH does not permit GSSAPI | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.28 Ensure SSH does not permit Kerberos authentication | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.34 Ensure remote X connections are encrypted. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| 5.4.6 Ensure users must provide password for escalation | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 5.5.1.9 Ensure inactive password lock is 0 days - individuals, groups, roles, and devices if the password expires. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.3.4 Upgrade Password Hashing Algorithm to SHA-512 | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.1 Ensure mod_ssl and/or mod_nss Is Installed | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure mod_ssl and/or mod_nss Is Installed - 'mod_ssl is loaded' | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.1 Ensure mod_ssl and/or mod_nss Is Installed - 'mod_ssl is loaded' | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_Red_Hat_EL5_v2.2.1_L1.audit from Red Hat Enterprise Linux 5 Benchmark | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | |
| CIS_Red_Hat_EL5_v2.2.1_L2.audit from Red Hat Enterprise Linux 5 Benchmark | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L1_Server.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L1_Workstation.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L2_Server.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Server | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_L2_Workstation.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L2 Workstation | Unix | |
| CIS_Red_Hat_EL7_STIG_v2.0.0_STIG.audit from CIS Red Hat Enterprise Linux 7 STIG v2.0.0 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | |
| CIS_Red_Hat_Enterprise_Linux_7_v4.0.0_L1_Server.audit from CIS Red Hat Enterprise Linux 7 Benchmark v4.0.0 | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Server | Unix | |
| CIS_Red_Hat_Enterprise_Linux_7_v4.0.0_L1_Workstation.audit from CIS Red Hat Enterprise Linux 7 Benchmark v4.0.0 | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation | Unix | |
| CIS_Red_Hat_Enterprise_Linux_7_v4.0.0_L2_Server.audit from CIS Red Hat Enterprise Linux 7 Benchmark v4.0.0 | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Server | Unix | |
| CIS_Red_Hat_Enterprise_Linux_7_v4.0.0_L2_Workstation.audit from CIS Red Hat Enterprise Linux 7 Benchmark v4.0.0 | CIS Red Hat Enterprise Linux 7 v4.0.0 L2 Workstation | Unix | |
| CIS_Red_Hat_Enterprise_Linux_9_v2.0.0_L1_Server.audit from CIS Red Hat Enterprise Linux 9 Benchmark v2.0.0 | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | |
| CIS_Red_Hat_Enterprise_Linux_9_v2.0.0_L1_Workstation.audit from CIS Red Hat Enterprise Linux 9 Benchmark v2.0.0 | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | |
| CIS_Red_Hat_Enterprise_Linux_9_v2.0.0_L2_Server.audit from CIS Red Hat Enterprise Linux 9 Benchmark v2.0.0 | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | |
| CIS_Red_Hat_Enterprise_Linux_9_v2.0.0_L2_Workstation.audit from CIS Red Hat Enterprise Linux 9 Benchmark v2.0.0 | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | |
| Ensure system accounts are non-login | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | ACCESS CONTROL |
| JBOS-AS-000010 - HTTP management session traffic must be encrypted. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | ACCESS CONTROL |
| JBOS-AS-000225 - Google Analytics must be disabled in EAP Console. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000685 - The JRE installed on the JBoss server must be kept up to date. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
