| 3.097 - The system is configured for a greater keep-alive time than recommended. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.101 - The system must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.104 - The system is configured to detect and configure default gateway addresses. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.098 - The system must limit how many times unacknowledged TCP data is retransmitted. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.239 - Windows Explorer - Heap Termination | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-L2-000070 - The Arista MLS switch must have STP Loop Guard enabled on all nondesignated STP switch ports. | DISA STIG Arista MLS EOS 4.x L2S v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-L2-000100 - The Arista MLS layer 2 switch must have IP Source Guard enabled on all user-facing or untrusted access switch ports. | DISA STIG Arista MLS EOS 4.x L2S v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000520 - The Arista router must be configured to have IP directed broadcast disabled on all interfaces. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000530 - The Arista router must be configured to have Internet Control Message Protocol (ICMP) unreachable notifications disabled on all external interfaces. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000540 - The Arista router must be configured to have Internet Control Message Protocol (ICMP) mask replies disabled on all external interfaces. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000580 - The multicast Rendezvous Point (RP) Arista router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000600 - The Arista BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM). | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000234 - Exchange must provide mailbox databases in a highly available and redundant configuration. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-L2-000090 - The Juniper EX switch must be configured to enable BPDU Protection on all user-facing or untrusted access switch ports. | DISA Juniper EX Series Layer 2 Switch v2r3 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000630 - The Juniper router must be configured to have Internet Control Message Protocol (ICMP) mask replies disabled on all external interfaces. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000640 - The Juniper router must be configured to have Internet Control Message Protocol (ICMP) redirects disabled on all external interfaces. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Protect Against Denial of Service Attacks by Ensuring Rate-Limiting Measures on Network Interfaces | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Restricting access to the Configuration utility by source IP address | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| Specifying allowable IP ranges for SSH access | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-67-000033 - VAMI must be protected from being stopped by a non-privileged user. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-70-000023 - VAMI must be protected from being stopped by a nonprivileged user. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCST-70-000029 - The Security Token Service must disable the shutdown port. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCUI-67-000029 - vSphere UI must disable the shutdown port - server.xml | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001570 - The WebSphere Application Server high availability applications must be installed on a cluster. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - Default | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - ORB | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - SIBFAPThreadPool | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
