| WN11-AU-000005 | V2R1 | The system must be configured to audit Account Logon - Credential Validation failures. | |
| WN11-AU-000010 | V2R1 | The system must be configured to audit Account Logon - Credential Validation successes. | |
| WN11-AU-000060 | V2R1 | The system must be configured to audit Logon/Logoff - Group Membership successes. | |
| RHEL-07-030410 | V3R8 | The Red Hat Enterprise Linux operating system must audit all uses of the chmod, fchmod, and fchmodat syscalls. | |
| RHEL-07-030440 | V3R8 | The Red Hat Enterprise Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls. | |
| OL07-00-030410 | V2R14 | The Oracle Linux operating system must audit all uses of the chmod, fchmod, and fchmodat syscalls. | |
| OL07-00-030440 | V2R14 | The Oracle Linux operating system must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr syscalls. | |