| 1.1.16 Ensure nodev option set on /dev/shm partition | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.17 Ensure nosuid option set on /dev/shm partition | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.1.18 Ensure noexec option set on /dev/shm partition | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 1.2 Do Not Install a Multi-Use System - systemctl | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.2.4 Disable the rhnsd Daemon | CIS Red Hat Enterprise Linux 5 L2 v2.2.1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.3.3 Ensure AIDE is configured to verify ACLs | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 1.5 Installing ISC BIND 9 - bind9 installation | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5 Installing ISC BIND 9 - bind9 installation | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5 Installing ISC BIND 9 - named location | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5 Installing ISC BIND 9 - named location | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5 Installing ISC BIND 9 - named location | CIS BIND DNS v1.0.0 L1 Authoritative Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5 Installing ISC BIND 9 - named location | CIS BIND DNS v1.0.0 L1 Caching Only Name Server | Unix | CONFIGURATION MANAGEMENT |
| 1.8.13 Ensure GNOME Idle activation is set | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.2.1.1 Ensure time synchronization is in use | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.2.8 Ensure overriding the screensaver lock-delay setting is prevented | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 2.2.2.9 Ensure session idle-delay settings is enforced | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 2.2.2.10 Ensure screensaver lock-enabled is set. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 2.2.2.11 Ensure the screensaver idle-activation-enabled setting | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | ACCESS CONTROL |
| 3.2.1 Ensure source routed packets are not accepted - /etc/sysctl.conf /etc/sysctl.d/* net.ipv4.conf.all.accept_source_route = 0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure source routed packets are not accepted - /etc/sysctl.conf /etc/sysctl.d/* net.ipv4.conf.default.accept_source_route = 0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure source routed packets are not accepted - /etc/sysctl.conf /etc/sysctl.d/* net.ipv6.conf.all.accept_source_route = 0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.all.accept_source_route=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv4.conf.default.accept_source_route=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.all.accept_source_route=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.2.1 Ensure source routed packets are not accepted - sysctl net.ipv6.conf.default.accept_source_route=0 | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 3.6 Configure Network Time Protocol (NTP) - OPTIONS=-u ntp:ntp -p /var/run/ntpd.pid | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.6 Configure Network Time Protocol (NTP) - restrict -6 default kod nomodify nopeer notrap noquery | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 3.6 Configure Network Time Protocol (NTP) - server aaa.bbb.ccc.ddd | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2 Verify SELinux security options, if applicable | CIS Docker 1.13.0 v1.0.0 L2 Docker | Unix | ACCESS CONTROL |
| 5.2.26 Ensure only FIPS 140-2 MACs are used for SSH | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.12 Ensure password prohibited reuse is at a minumum '5' | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.4.6 Ensure no accounts are configured with blank or null passwords - password-auth | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.4.6 Ensure no accounts are configured with blank or null passwords - system-auth | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.10 Ensure enable smartcard authentication is set to true | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.7 Ensure all users' home directories exist | CIS Amazon Linux 2 STIG v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 6.2.26 Ensure local interactive users' 'dot' files executable paths resolve to the users home directory. | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | CONFIGURATION MANAGEMENT |
| CIS_Red_Hat_EL8_Server_L1_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0 | CIS Red Hat EL8 Server L1 v3.0.0 | Unix | |
| CIS_Red_Hat_EL8_Server_L2_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0 | CIS Red Hat EL8 Server L2 v3.0.0 | Unix | |
| CIS_Red_Hat_EL8_Workstation_L1_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0 | CIS Red Hat EL8 Workstation L1 v3.0.0 | Unix | |
| CIS_Red_Hat_EL8_Workstation_L2_v3.0.0.audit from CIS Red Hat Enterprise Linux 8 Benchmark v3.0.0 | CIS Red Hat EL8 Workstation L2 v3.0.0 | Unix | |
| DISA_Red_Hat_Enterprise_Linux_9_STIG_v2r3.audit from DISA Red Hat Enterprise Linux 9 STIG v2r3 | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | |
| DISA_STIG_Red_Hat_Enterprise_Linux_7_v3r15.audit from DISA Red Hat Enterprise Linux 7 v3r15 STIG | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | |
| DISA_STIG_Red_Hat_Enterprise_Linux_8_v2r1.audit from DISA Red Hat Enterprise Linux 8 v2r1 STIG | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | |
| DISA_STIG_RHEL_5_v1r18.audit from DISA Red Hat Enterprise Linux 5 STIG v1r18 | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | |
| DISA_STIG_RHEL_6_v2r2.audit from DISA Red Hat Enterprise Linux 6 v2r2 STIG | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | |
| DKER-EE-002780 - PIDs cgroup limits must be used in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000010 - HTTP management session traffic must be encrypted. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | ACCESS CONTROL |
| RHEL-07-020210 - The Red Hat Enterprise Linux operating system must enable SELinux. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-08-020090 - RHEL 8 must map the authenticated identity to the user or group account for PKI-based authentication. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-213110 - RHEL 9 must implement nonexecutable data to protect its memory from unauthorized code execution. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
