| 1.4.1 Alter the Advertised server.info String (verify server.info is not set to default) | CIS Apache Tomcat5.5/6.0 L2 v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.2 Alter the Advertised server.number String (verify server.number is not set to default) | CIS Apache Tomcat5.5/6.0 L2 v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.3 Alter the Advertised server.built String (verify server.built is not set to default) | CIS Apache Tomcat5.5/6.0 L2 v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connecters (verify if xpoweredBy is set to false) | CIS Apache Tomcat5.5/6.0 L2 v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.4.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connecters (verify the server value is blank) | CIS Apache Tomcat5.5/6.0 L2 v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.12.9 Do not allow custom header status messages | CIS Apache Tomcat5.5/6.0 L2 v1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Alter the Advertised server.info String | CIS Apache Tomcat 8 L2 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Alter the Advertised server.info String | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Alter the Advertised server.info String | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 8 L2 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2 Alter the Advertised server.number String | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Alter the Advertised server.built Date | CIS Apache Tomcat 8 L2 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3 Alter the Advertised server.built Date | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 8 L2 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.4 Disable X-Powered-By HTTP Header and Rename the Server Value for all Connectors | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1 Hide BIND Version String | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.9 Disable instance discoverability | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.9 Disable instance discoverability | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.10 Disable instance discoverability | CIS v1.1.0 IBM DB2 v10 Linux OS Level 2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.10 Disable instance discoverability | CIS v1.1.0 IBM DB2 v10 Linux OS Level 1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.10 Disable instance discoverability - 'discover_inst = disable' | CIS IBM DB2 OS L2 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.16 Disable database discovery | CIS IBM DB2 v10 v1.1.0 Linux OS Level 1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.16 Disable database discovery | CIS IBM DB2 v10 v1.1.0 Linux OS Level 2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.17 Disable database discovery | CIS v1.1.0 IBM DB2 v10 Linux OS Level 2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.1.17 Disable database discovery | CIS v1.1.0 IBM DB2 v10 Linux OS Level 1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2.3 Disable database discover - 'discover_db = disable' | CIS IBM DB2 OS L2 v1.2.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.8 - Http banner reveals server information - Send Server Header | TNS Oracle WebLogic Server 11 Windows Best Practices | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.8 - Http banner reveals server information - X-Powered-By Header | TNS Oracle WebLogic Server 11 Linux Best Practices | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.8 - Http banner reveals server information - X-Powered-By Header | TNS Oracle WebLogic Server 11 Windows Best Practices | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.2 Remove Nameserver ID | CIS ISC BIND 9.0/9.5 v2.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 4.3 Enable Randomized Virtual Memory Region Placement | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1 Hide BIND Version String | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.1 Hide BIND Version String | CIS BIND DNS v3.0.0 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2 Hide Nameserver ID | CIS BIND DNS v3.0.0 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 6.2 Hide Nameserver ID | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.9 Do not allow custom header status messages | CIS Apache Tomcat 7 L2 v1.1.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.9 Do not allow custom header status messages | CIS Apache Tomcat 8 L2 v1.0.1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 10.9 Do not allow custom header status messages | CIS Apache Tomcat 7 L2 v1.1.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 12 - Remove and mask informational headers - JSP Configuration | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 12 - Remove and mask informational headers - Server Property Override | TNS Best Practice JBoss 7 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 14 - Hide BIND Version String | BIND - TNS BIND Best Practices Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Fortigate - Obfuscate HTTP headers | TNS Fortigate FortiOS Best Practices | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| Server version information parameters should be turned off - 'ServerSignature Off' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Server version information parameters should be turned off - 'ServerSignature Off' | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Server version information parameters should be turned off - 'ServerSignature Off' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Server version information parameters should be turned off - 'ServerTokens Prod' | TNS IBM HTTP Server Best Practice | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Server version information parameters should be turned off - 'ServerTokens Prod' | TNS IBM HTTP Server Best Practice Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Server version information parameters should be turned off - 'ServerTokens Prod' | TNS IBM HTTP Server Best Practice | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
