| 1.1.2.3 Ensure noexec option set on /tmp partition | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.3.2 Ensure nodev option set on /var partition | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.3.4 Ensure nosuid option set on /var partition | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.7.2 Ensure nodev option set on /home partition | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.1.7.3 Ensure nosuid option set on /home partition | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 1.7.4 Ensure permissions on /etc/motd are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.1 Require Explicit Authorization for Cataloging (CATALOG_NOAUTH) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.4 Secure Permissions for All Diagnostic Logs (DIAGPATH) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.11 Secure the Python Runtime Path (PYTHON_PATH) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.12 Secure the R Runtime Path (R_PATH) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.1.13 Secure the Communication Buffer Exit Library (COMM_EXIT_LIST) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.4 Enable Extended Security (DB2_EXTSECURITY) | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.2.5 Limit OS Privileges of Fenced Mode Process (DB2_LIMIT_FENCED_GROUP) | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.3.1 Secure Db2 Runtime Library | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure Access to Audit Records Is Controlled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.5 Ensure Access to Audit Records Is Controlled - /etc/security/audit_control | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.15 Ensure that the Docker socket file ownership is set to root:docker | CIS Docker v1.6.0 L1 Docker Linux | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.4 Restrict Access to SYSIBM.SYSCOLDIST | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.21 Restrict Access to SYSIBM.SYSROLES | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.22 Restrict Access to SYSIBM.SYSROUTINEAUTH | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.24 Restrict Access to SYSIBM.ROUTINES_S | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.27 Restrict Access to SYSIBM.SYSSECURITYLABELACCESS | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.29 Restrict Access to SYSIBM.SYSSECURITYLABELCOMPONENTS | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3.40 Restrict Access to SYSIBM.SYSTBSPACEAUTH | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 4.5.1 Restrict Access to Tablespaces | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.1 Ensure Home Folders Are Secure | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.2 Ensure permissions on /etc/crontab are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure Appropriate Permissions Are Enabled for System Wide Applications | CIS Apple macOS 10.14 v2.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure Appropriate Permissions Are Enabled for System Wide Applications | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure No World Writable Files Exist in the System Folder | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.5 Ensure permissions on /etc/cron.weekly are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1.6 Ensure No World Writable Files Exist in the System Folder | CIS Apple macOS 12.0 Monterey v3.1.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.2 Ensure permissions on SSH private host key files are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.3 Ensure permissions on SSH public host key files are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.2.4 Ensure SSH access is limited | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 5.25 Ensure that cgroup usage is confirmed | CIS Docker v1.6.0 L1 Docker Linux | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.3 Secure SYSMAINT Authority | CIS IBM DB2 11 v1.1.0 Linux OS Level 1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.4 Ensure Guest Access to Shared Folders Is Disabled | CIS Apple macOS 10.15 Catalina v3.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.4 Secure SYSMON Authority | CIS IBM DB2 11 v1.1.0 Windows OS Level 1 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.5 Secure SECADM Authority | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.6 Ensure permissions on /etc/gshadow are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.10 Ensure permissions on /etc/gshadow- are configured | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.12 Ensure no unowned files or directories exist | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.14 Audit SUID executables | CIS Fedora 28 Family Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.14 Secure LOAD Authority | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.1.16 Secure QUIESCECONNECT Authority | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.3 Review Role Members | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2.5 Review Roles Granted to PUBLIC | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.1 Review Organization's Policies Against Db2 RCAC Policies | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 6.3.2 Review Row Permission Logic According to Policy | CIS IBM DB2 11 v1.1.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
