| 1.1.2.1.4 Ensure noexec option set on /tmp partition | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.2.3 Ensure nosuid option set on /dev/shm partition | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.2.4 Ensure noexec option set on /dev/shm partition | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.3.1 Ensure separate partition exists for /home | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.3.1 Ensure separate partition exists for /home | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.4.1 Ensure separate partition exists for /var | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.4.1 Ensure separate partition exists for /var | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.5.1 Ensure separate partition exists for /var/tmp | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.5.1 Ensure separate partition exists for /var/tmp | CIS Rocky Linux 8 Workstation L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.2.6.2 Ensure nodev option set on /var/log partition | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.3.1.5 Ensure the SELinux mode is enforcing | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.3.1.5 Ensure the SELinux mode is enforcing | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.3.1.6 Ensure no unconfined services exist | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.4.1.6 Ensure permissions on /etc/cron.monthly are configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 2.4.1.8 Ensure crontab is restricted to authorized users | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2 Ensure 'log_bin_basename' Files Have Appropriate Permissions | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.3 Ensure 'log_error' Has Appropriate Permissions | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.3 Ensure 'log_error' Has Appropriate Permissions | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.4 Ensure 'slow_query_log' Has Appropriate Permissions | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure 'relay_log_basename' Files Have Appropriate Permissions | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Ensure 'general_log_file' Has Appropriate Permissions | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.6 Ensure 'general_log_file' Has Appropriate Permissions | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.7 Ensure SSL Key Files Have Appropriate Permissions | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Secure MySQL Keyring - keyring_aws_conf_file | CIS MySQL 5.7 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.9 Secure MySQL Keyring - keyring_file_data_path | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - --skip-grant-tables | CIS MySQL 5.6 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.ini | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - %WINDIR%\my.cnf | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - %WINDIR%\my.ini | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - %WINDIR%\my.ini | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5 Ensure 'mysqld' is Not Started with '--skip-grant-tables' - MYSQL_INSTALL\my.cnf | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.8 Ensure the 'secure_file_priv' is Configured Correctly | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1 Ensure permissions on /etc/ssh/sshd_config are configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.1 Ensure the audit log directory is 0750 or more restrictive | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.8 Ensure audit tools are 755 or more restrictive | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4.9 Ensure audit tools are owned by root | CIS Rocky Linux 8 Server L2 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.4.2.8 Ensure accounts without a valid login shell are locked | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.1.2 Ensure journald log file access is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.2 Ensure audit log files mode is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.5 Ensure audit configuration files mode is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Server | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.6 Ensure audit configuration files owner is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.4.7 Ensure audit configuration files group owner is configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L2 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.4 Ensure permissions on /etc/group- are configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.8 Ensure permissions on /etc/gshadow- are configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.9 Ensure permissions on /etc/shells are configured | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.1.13 Ensure SUID and SGID files are reviewed | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | ACCESS CONTROL, MEDIA PROTECTION |
