| ALMA-09-007280 | V1R2 | AlmaLinux OS 9 must audit uses of the "execve" system call. | |
| ALMA-09-031920 | V1R2 | AlmaLinux OS 9 must require users to provide authentication for privilege escalation. | |
| ALMA-09-032030 | V1R2 | AlmaLinux OS 9 must require users to provide a password for privilege escalation. | |
| ALMA-09-032140 | V1R2 | AlmaLinux OS 9 must not be configured to bypass password requirements for privilege escalation. | |
| ALMA-09-032250 | V1R2 | AlmaLinux OS 9 must require reauthentication when using the "sudo" command. | |
| OL07-00-030360 | V3R2 | The Oracle Linux operating system must audit all executions of privileged functions. | |
| OL09-00-002362 | V1R1 | OL 9 must require users to reauthenticate for privilege escalation. | |
| OL09-00-002363 | V1R1 | OL 9 must require users to provide a password for privilege escalation. | |
| OL09-00-002364 | V1R1 | OL 9 must not be configured to bypass password requirements for privilege escalation. | |
| RHEL-07-030360 | V3R9 | The Red Hat Enterprise Linux operating system must audit all executions of privileged functions. | |
| SLES-12-020240 | V3R2 | The SUSE operating system must generate audit records for all uses of the privileged functions. | |
| SLES-15-030640 | V2R4 | The SUSE operating system must generate audit records for all uses of the privileged functions. | |
| WN10-AU-000105 | V3R4 | The system must be configured to audit Policy Change - Authentication Policy Change successes. | |
| WN10-AU-000110 | V3R4 | The system must be configured to audit Privilege Use - Sensitive Privilege Use failures. | |
| WN10-AU-000115 | V3R4 | The system must be configured to audit Privilege Use - Sensitive Privilege Use successes. | |
| WN10-AU-000140 | V3R4 | The system must be configured to audit System - Security State Change successes. | |
| WN10-AU-000150 | V3R4 | The system must be configured to audit System - Security System Extension successes. | |
| WN10-AU-000155 | V3R4 | The system must be configured to audit System - System Integrity failures. | |
| WN10-AU-000160 | V3R4 | The system must be configured to audit System - System Integrity successes. | |
| WN11-AU-000110 | V2R3 | The system must be configured to audit Privilege Use - Sensitive Privilege Use failures. | |
| WN16-AU-000100 | V2R9 | Windows Server 2016 must be configured to audit Account Management - Other Account Management Events successes. | |
| WN16-AU-000170 | V2R9 | Windows Server 2016 must be configured to audit Detailed Tracking - Process Creation successes. | |
| WN16-AU-000310 | V2R9 | Windows Server 2016 must be configured to audit Policy Change - Audit Policy Change successes. | |
| WN16-AU-000320 | V2R9 | Windows Server 2016 must be configured to audit Policy Change - Audit Policy Change failures. | |
| WN16-AU-000330 | V2R9 | Windows Server 2016 must be configured to audit Policy Change - Authentication Policy Change successes. | |
| WN16-AU-000340 | V2R9 | Windows Server 2016 must be configured to audit Policy Change - Authorization Policy Change successes. | |
| WN16-AU-000350 | V2R9 | Windows Server 2016 must be configured to audit Privilege Use - Sensitive Privilege Use successes. | |
| WN16-AU-000360 | V2R9 | Windows Server 2016 must be configured to audit Privilege Use - Sensitive Privilege Use failures. | |
| WN16-AU-000370 | V2R9 | Windows Server 2016 must be configured to audit System - IPsec Driver successes. | |
| WN16-AU-000380 | V2R9 | Windows Server 2016 must be configured to audit System - IPsec Driver failures. | |
| WN16-AU-000390 | V2R9 | Windows Server 2016 must be configured to audit System - Other System Events successes. | |
| WN16-AU-000400 | V2R9 | Windows Server 2016 must be configured to audit System - Other System Events failures. | |
| WN16-AU-000410 | V2R9 | Windows Server 2016 must be configured to audit System - Security State Change successes. | |
| WN16-AU-000420 | V2R9 | Windows Server 2016 must be configured to audit System - Security System Extension successes. | |
| WN16-AU-000440 | V2R9 | Windows Server 2016 must be configured to audit System - System Integrity successes. | |
| WN16-AU-000450 | V2R9 | Windows Server 2016 must be configured to audit System - System Integrity failures. | |
| WN16-DC-000170 | V2R9 | Active Directory Group Policy objects must be configured with proper audit settings. | |
| WN16-DC-000180 | V2R9 | The Active Directory Domain object must be configured with proper audit settings. | |
| WN16-DC-000190 | V2R9 | The Active Directory Infrastructure object must be configured with proper audit settings. | |
| WN16-DC-000200 | V2R9 | The Active Directory Domain Controllers Organizational Unit (OU) object must be configured with proper audit settings. | |
| WN16-DC-000210 | V2R9 | The Active Directory AdminSDHolder object must be configured with proper audit settings. | |
| WN16-DC-000220 | V2R9 | The Active Directory RID Manager$ object must be configured with proper audit settings. | |
| WN16-DC-000240 | V2R9 | Windows Server 2016 must be configured to audit DS Access - Directory Service Access successes. | |
| WN16-DC-000250 | V2R9 | Windows Server 2016 must be configured to audit DS Access - Directory Service Access failures. | |
| WN16-DC-000260 | V2R9 | Windows Server 2016 must be configured to audit DS Access - Directory Service Changes successes. | |
| WN19-AU-000090 | V3R4 | Windows Server 2019 must be configured to audit Account Management - Other Account Management Events successes. | |
| WN19-AU-000140 | V3R4 | Windows Server 2019 must be configured to audit Detailed Tracking - Process Creation successes. | |
| WN19-AU-000260 | V3R4 | Windows Server 2019 must be configured to audit Policy Change - Audit Policy Change successes. | |
| WN19-AU-000270 | V3R4 | Windows Server 2019 must be configured to audit Policy Change - Audit Policy Change failures. | |
| WN19-AU-000280 | V3R4 | Windows Server 2019 must be configured to audit Policy Change - Authentication Policy Change successes. | |
| WN19-AU-000290 | V3R4 | Windows Server 2019 must be configured to audit Policy Change - Authorization Policy Change successes. | |
| WN19-AU-000300 | V3R4 | Windows Server 2019 must be configured to audit Privilege Use - Sensitive Privilege Use successes. | |
| WN19-AU-000310 | V3R4 | Windows Server 2019 must be configured to audit Privilege Use - Sensitive Privilege Use failures. | |
| WN19-AU-000320 | V3R4 | Windows Server 2019 must be configured to audit System - IPsec Driver successes. | |
| WN19-AU-000330 | V3R4 | Windows Server 2019 must be configured to audit System - IPsec Driver failures. | |
| WN19-AU-000340 | V3R4 | Windows Server 2019 must be configured to audit System - Other System Events successes. | |
| WN19-AU-000350 | V3R4 | Windows Server 2019 must be configured to audit System - Other System Events failures. | |
| WN19-AU-000360 | V3R4 | Windows Server 2019 must be configured to audit System - Security State Change successes. | |
| WN19-AU-000370 | V3R4 | Windows Server 2019 must be configured to audit System - Security System Extension successes. | |
| WN19-AU-000380 | V3R4 | Windows Server 2019 must be configured to audit System - System Integrity successes. | |
| WN19-AU-000390 | V3R4 | Windows Server 2019 must be configured to audit System - System Integrity failures. | |
| WN19-DC-000170 | V3R4 | Windows Server 2019 Active Directory Group Policy objects must be configured with proper audit settings. | |
| WN19-DC-000180 | V3R4 | Windows Server 2019 Active Directory Domain object must be configured with proper audit settings. | |
| WN19-DC-000190 | V3R4 | Windows Server 2019 Active Directory Infrastructure object must be configured with proper audit settings. | |
| WN19-DC-000200 | V3R4 | Windows Server 2019 Active Directory Domain Controllers Organizational Unit (OU) object must be configured with proper audit settings. | |
| WN19-DC-000210 | V3R4 | Windows Server 2019 Active Directory AdminSDHolder object must be configured with proper audit settings. | |
| WN19-DC-000220 | V3R4 | Windows Server 2019 Active Directory RID Manager$ object must be configured with proper audit settings. | |
| WN19-DC-000240 | V3R4 | Windows Server 2019 must be configured to audit DS Access - Directory Service Access successes. | |
| WN19-DC-000250 | V3R4 | Windows Server 2019 must be configured to audit DS Access - Directory Service Access failures. | |
| WN19-DC-000260 | V3R4 | Windows Server 2019 must be configured to audit DS Access - Directory Service Changes successes. | |
| WN22-AU-000090 | V2R4 | Windows Server 2022 must be configured to audit Account Management - Other Account Management Events successes. | |
| WN22-AU-000140 | V2R4 | Windows Server 2022 must be configured to audit Detailed Tracking - Process Creation successes. | |
| WN22-AU-000260 | V2R4 | Windows Server 2022 must be configured to audit Policy Change - Audit Policy Change successes. | |
| WN22-AU-000270 | V2R4 | Windows Server 2022 must be configured to audit Policy Change - Audit Policy Change failures. | |
| WN22-AU-000280 | V2R4 | Windows Server 2022 must be configured to audit Policy Change - Authentication Policy Change successes. | |
| WN22-AU-000290 | V2R4 | Windows Server 2022 must be configured to audit Policy Change - Authorization Policy Change successes. | |
| WN22-AU-000300 | V2R4 | Windows Server 2022 must be configured to audit Privilege Use - Sensitive Privilege Use successes. | |
| WN22-AU-000310 | V2R4 | Windows Server 2022 must be configured to audit Privilege Use - Sensitive Privilege Use failures. | |
| WN22-AU-000320 | V2R4 | Windows Server 2022 must be configured to audit System - IPsec Driver successes. | |
| WN22-AU-000330 | V2R4 | Windows Server 2022 must be configured to audit System - IPsec Driver failures. | |
| WN22-AU-000340 | V2R4 | Windows Server 2022 must be configured to audit System - Other System Events successes. | |
| WN22-AU-000350 | V2R4 | Windows Server 2022 must be configured to audit System - Other System Events failures. | |
| WN22-AU-000360 | V2R4 | Windows Server 2022 must be configured to audit System - Security State Change successes. | |
| WN22-AU-000370 | V2R4 | Windows Server 2022 must be configured to audit System - Security System Extension successes. | |
| WN22-AU-000380 | V2R4 | Windows Server 2022 must be configured to audit System - System Integrity successes. | |
| WN22-AU-000390 | V2R4 | Windows Server 2022 must be configured to audit System - System Integrity failures. | |
| WN22-DC-000170 | V2R4 | Windows Server 2022 Active Directory Group Policy objects must be configured with proper audit settings. | |
| WN22-DC-000180 | V2R4 | Windows Server 2022 Active Directory Domain object must be configured with proper audit settings. | |
| WN22-DC-000190 | V2R4 | Windows Server 2022 Active Directory Infrastructure object must be configured with proper audit settings. | |
| WN22-DC-000200 | V2R4 | Windows Server 2022 Active Directory Domain Controllers Organizational Unit (OU) object must be configured with proper audit settings. | |
| WN22-DC-000210 | V2R4 | Windows Server 2022 Active Directory AdminSDHolder object must be configured with proper audit settings. | |
| WN22-DC-000220 | V2R4 | Windows Server 2022 Active Directory RID Manager$ object must be configured with proper audit settings. | |
| WN22-DC-000240 | V2R4 | Windows Server 2022 must be configured to audit DS Access - Directory Service Access successes. | |
| WN22-DC-000250 | V2R4 | Windows Server 2022 must be configured to audit DS Access - Directory Service Access failures. | |
| WN22-DC-000260 | V2R4 | Windows Server 2022 must be configured to audit DS Access - Directory Service Changes successes. | |