| * hard core 0 | CIS Google Container-Optimized OS v1.2.0 L2 Server | Unix | |
| 1.4.2 Ensure XD/NX support is enabled | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.5.1.2 Ensure local login warning banner is configured properly | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 1.5.1.5 Ensure permissions on /etc/issue are configured | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.2.5 Ensure 'REMOTE_LISTENER' Is Empty | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 2.2.10 Ensure 'SEC_MAX_FAILED_LOGIN_ATTEMPTS' Is '3' or Less | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 2.2.11 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to '(DROP,3)' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.16 Ensure 'RESOURCE_LIMIT' Is Set to 'TRUE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.8 Ensure TCP SYN Cookies is enabled | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, PLANNING, PROGRAM MANAGEMENT, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 Ensure 'PASSWORD_LIFE_TIME' Is Less than or Equal to '90' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 3.5 Ensure 'PASSWORD_REUSE_TIME' Is Greater than or Equal to '365' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| 4.2 Ensure All Sample Data And Users Have Been Removed | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure All Sample Data And Users Have Been Removed | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 4.3 Ensure 'DBA_USERS.AUTHENTICATION_TYPE' Is Not Set to 'EXTERNAL' for Any User | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL |
| 5.1.1.2 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "File System" Packages | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Job Scheduler" Packages | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1.5 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "Job Scheduler" Packages | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1.7 Ensure 'EXECUTE' is revoked from 'PUBLIC' on "DBMS_CREDENTIAL" Package | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.1.2.1 Ensure 'EXECUTE' is not granted to 'PUBLIC' on "Non-default" Packages | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure SSH LogLevel is appropriate | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 5.1.6 Ensure SSH X11 forwarding is disabled | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.1.9 Ensure SSH HostbasedAuthentication is disabled | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.2.6 Ensure 'SELECT ANY TABLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.8 Ensure 'EXEMPT ACCESS POLICY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.10 Ensure 'CREATE PROCEDURE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.11 Ensure 'ALTER SYSTEM' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.13 Ensure 'CREATE LIBRARY' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.16 Ensure 'GRANT ANY PRIVILEGE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.1 Ensure 'SELECT_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.3.2 Ensure 'EXECUTE_CATALOG_ROLE' Is Revoked from Unauthorized 'GRANTEE' | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.5 Ensure the 'DATABASE LINK' Audit Option Is Enabled | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.1.9 Ensure the 'DIRECTORY' Audit Option Is Enabled | CIS Oracle Server 19c DB Traditional Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.1 Ensure password fields are not empty | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 6.2.2 Ensure no legacy "+" entries exist in /etc/passwd | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | ACCESS CONTROL |
| 6.2.2 Ensure the 'ALTER USER' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.3 Ensure no legacy "+" entries exist in /etc/shadow | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | ACCESS CONTROL |
| 6.2.6 Ensure the 'DROP ROLE' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.8 Ensure the 'REVOKE' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.12 Ensure the 'CREATE DATABASE LINK' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.15 Ensure the 'CREATE SYNONYM' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.17 Ensure the 'DROP SYNONYM' Action Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| 6.2.20 Ensure shadow group is empty | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 6.2.27 Ensure the 'LOGON' AND 'LOGOFF' Actions Audit Is Enabled | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | AUDIT AND ACCOUNTABILITY |
| mount | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | |
| Multitenant Check | CIS Oracle Server 19c DB Unified Auditing v1.2.0 | OracleDB | |
| on disk - net.ipv4.icmp_echo_ignore_broadcasts | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | |
| platform flags | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | |
| systemd-sulogin-shell emergency | CIS Google Container-Optimized OS v1.2.0 L1 Server | Unix | |
