| 6.1.15 Ensure the file permissions ownership and group membership of system files and commands match the vendor values | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AIX7-00-003020 - AIX must use Trusted Execution (TE) Check policy | DISA STIG AIX 7.x v2r9 | Unix | ACCESS CONTROL |
| AIX7-00-003098 - AIX must allow admins to send a message to all the users who logged in currently. | DISA STIG AIX 7.x v2r9 | Unix | ACCESS CONTROL |
| AIX7-00-003099 - AIX must allow admins to send a message to a user who logged in currently. | DISA STIG AIX 7.x v2r9 | Unix | ACCESS CONTROL |
| EP11-00-007300 - EDB Postgres Advanced Server must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | ACCESS CONTROL |
| MD3X-00-000570 - MongoDB must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | ACCESS CONTROL |
| MD4X-00-001200 - MongoDB must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | ACCESS CONTROL |
| O112-C2-006600 - Databases utilizing Discretionary Access Control (DAC) must enforce a policy that limits propagation of access rights. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | ACCESS CONTROL |
| O112-C2-006700 - A DBMS utilizing Discretionary Access Control (DAC) must enforce a policy that includes or excludes access to the granularity of a single user. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | ACCESS CONTROL |
| O121-C2-003000 - The DBMS must enforce Discretionary Access Control (DAC) policy allowing users to specify and control sharing by named individuals, groups of individuals, or by both, limiting propagation of access rights and including or excluding access to the granularity of a single user. | DISA STIG Oracle 12c v3r1 Database | OracleDB | ACCESS CONTROL |
| OL07-00-020020 - The Oracle Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-020021 - The Oracle Linux operating system must confine SELinux users to roles that conform to least privilege. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-020022 - The Oracle Linux operating system must not allow privileged accounts to utilize SSH. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-020023 - The Oracle Linux operating system must elevate the SELinux context when an administrator calls the sudo command. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-020210 - The Oracle Linux operating system must enable SELinux. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| PGS9-00-002200 - PostgreSQL must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | ACCESS CONTROL |
| RHEL-06-000017 - The system must use a Linux Security Module at boot time. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-06-000020 - The system must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000023 - The system must use a Linux Security Module configured to limit the privileges of system services. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000025 - All device files must be monitored by the system Linux Security Module. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-07-020020 - The Red Hat Enterprise Linux operating system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020022 - The Red Hat Enterprise Linux operating system must not allow privileged accounts to utilize SSH. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020023 - The Red Hat Enterprise Linux operating system must elevate the SELinux context when an administrator calls the sudo command. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020210 - The Red Hat Enterprise Linux operating system must enable SELinux. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-020220 - The Red Hat Enterprise Linux operating system must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-020320 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid owner. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020330 - The Red Hat Enterprise Linux operating system must be configured so that all files and directories have a valid group owner. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-09-213030 - RHEL 9 must enable kernel parameters to enforce discretionary access control on hardlinks. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-09-213035 - RHEL 9 must enable kernel parameters to enforce discretionary access control on symlinks. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-09-432035 - RHEL 9 must restrict the use of the 'su' command - su command. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| SLES-12-010690 - All SUSE operating system files and directories must have a valid owner. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL |
| SLES-12-010700 - All SUSE operating system files and directories must have a valid group owner. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL |
| SQL6-D0-002800 - SQL Server must enforce discretionary access control policies, as defined by the data owner, over defined subjects and objects. | DISA STIG SQL Server 2016 Database Audit v3r1 | MS_SQLDB | ACCESS CONTROL |
| UBTU-16-010600 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures - apparmor_status | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-16-010600 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures - libpam-apparmor | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-16-010700 - All files and directories must have a valid owner. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-16-010710 - All files and directories must have a valid group owner. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-18-010437 - Pam_Apparmor must be configured to allow system administrators to pass information to any other Ubuntu operating system administrator or user, change security attributes, and to confine all non-privileged users from executing functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL |
| UBTU-20-010439 - The Ubuntu operating system must be configured to use AppArmor. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| UBTU-22-431010 - Ubuntu 22.04 LTS must have the 'apparmor' package installed. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN10-00-000095 - Permissions for system files and directories must conform to minimum requirements. | DISA Windows 10 STIG v3r2 | Windows | ACCESS CONTROL |
| WN12-GE-000006 - Permissions for system drive root directory (usually C:\) must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000006 - Permissions for system drive root directory (usually C:\) must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000007 - Permissions for program file directories must conform to minimum requirements | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000007 - Permissions for program file directories must conform to minimum requirements | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-GE-000008 - Permissions for Windows installation directory must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN12-GE-000008 - Permissions for Windows installation directory must conform to minimum requirements. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WN16-00-000160 - Permissions for the system drive root directory (usually C:\) must conform to minimum requirements. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN16-00-000180 - Permissions for the Windows installation directory must conform to minimum requirements. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN19-00-000140 - Windows Server 2019 permissions for the system drive root directory (usually C:\) must conform to minimum requirements. | DISA Windows Server 2019 STIG v3r2 | Windows | ACCESS CONTROL |
