Patching and Software Updates
Filesystem Configuration
Secure Boot Settings
Additional Process Hardening
OS Services
Special Purpose Services
Network Configuration and Firewalls
Logging and Auditing
System Access, Authentication and Authorization
User Accounts and Environment

Warning Banners
Verify System File Permissions
Review User and Group Settings

Minimize Apache Modules
Principles, Permissions, and Ownership
Apache Access Control
Minimize Features, Content and Options
Operations - Logging, Monitoring and Maintenance
SSL/TLS Configuration

Information Leakage
Denial of Service Mitigations
Request Limits
Enable SELinux to Restrict Apache Processes
Enable AppArmor to Restrict Apache Processes

Basic Configurations
Configure Authentication
ASP.NET Configuration Recommendations
Request Filtering and Restrictions
IIS Logging Recommendations
FTP Requests
Transport Encryption

Installation, Updates and Patches
Surface Area Reduction
Authentication and Authorization
Password Policies
Auditing and Logging
Application Development
Encryption
Appendix: Additional Considerations

Operating System Level Configuration
Installation and Planning
File System Permissions
General
MySQL Permissions
Auditing-and-Logging
Authentication
Network
Replication

Oracle Database Installation and Patching Requirements
Oracle Parameter Settings
Database settings
Oracle Connection and Login Restrictions
Oracle User Access and Authorization Restrictions
Audit/Logging Policies and Procedures
Establishing an Audit/Scan User

Architecture and Foundation
Installing BIND (Berkeley Internet Name Domain)
Security Configurations
Administration

Wireless_LAN
Wireless_Addendum_Cisco
Wireless_Addendum_DLink
Wireless_Addendum_Linksys

Cisco_Firewall
(Cisco_IOS (Switch, Router