| 1.6.1.2 Ensure the SELinux state is enforcing - /etc/selinux/config | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL |
| 1.6.1.3 Ensure SELinux policy is configured - /etc/selinux/config | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL |
| 2.4 Ensure 'forms authentication' is set to use cookies | CIS IIS 8.0 v1.5.1 Level 2 | Windows | CONFIGURATION MANAGEMENT |
| 3.6 Disable IPv6 | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4.1.1.2 Ensure system is disabled when audit logs are full - root | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.3 Ensure auditing for processes that start prior to auditd is enabled | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.4 Ensure events that modify date and time information are collected - auditctl /etc/localtime | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.4 Ensure events that modify date and time information are collected - clock_settime | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.5 Ensure events that modify user/group information are collected - /etc/group | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.10 Ensure discretionary access control permission modification events are collected - auditctl chmod/fchmod/fchmodat (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.10 Ensure discretionary access control permission modification events are collected - setxattr/lsetxattr/fsetxattr (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.11 Ensure unsuccessful unauthorized file access attempts are collected - EACCES (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.12 Ensure use of privileged commands is collected | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.14 Ensure file deletion events by users are collected - (64-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.14 Ensure file deletion events by users are collected - auditctl (32-bit) | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.15 Ensure changes to system administration scope (sudoers) is collected - /etc/sudoers.d | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.1.17 Ensure kernel module loading and unloading is collected - rmmod | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4 Ensure non-ASCII characters in URLs are not allowed | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.2.3.5 Ensure events that modify the system's network environment are collected | CIS Amazon Linux 2 v3.0.0 L2 | Unix | AUDIT AND ACCOUNTABILITY |
| 5.2.3.20 Ensure the audit configuration is immutable | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MEDIA PROTECTION |
| 5.2.4.4 Ensure only authorized groups are assigned ownership of audit log files | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.5 Ensure audit configuration files are 640 or more restrictive | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.14 Audit system file permissions | CIS Amazon Linux 2 v3.0.0 L2 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.7 Ensure subnets for the App tier are created | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
| auditctl /etc/localtime | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl /etc/sudoers | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl /usr/bin/kmod | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl adjtimex x64 | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl b32 chmod | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl b32 chown | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl b32 EPERM | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl b32 fchmod | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl b64 removexattr | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl b64 sethostname | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl clock_settime x32 | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl finit_module b64 | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| auditctl wtmp | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| b32 chown | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| b32 fchownat | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| b32 lchown | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| b64 chown | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| b64 lremovexattr | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| b64 setxattr | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| Default | CIS IIS 8.0 v1.5.1 Level 2 | Windows | |
| grubby | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| password-auth preauth root_unlock_time | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| sshd output | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| system-auth preauth root_unlock_time | CIS Amazon Linux 2 v3.0.0 L2 | Unix | |
| Verify IIS 10 installed. | CIS IIS 10 v1.2.1 Level 2 | Windows | |
| Verify IIS is installed. | CIS IIS 10 v1.2.1 Level 2 | Windows | |
