| 1.1.9 - MobileIron - Disable 'Location Services' | MobileIron - CIS Google Android 4 v1.0.0 L2 | MDM | ACCESS CONTROL |
| 2.2.32 Ensure 'Deny log on through Remote Desktop Services' is set to 'Guests, Local account, Enterprise Admins Group, and Domain Admins Group' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 7.2 Set Strong Password Creation Policies | CIS Oracle Solaris 11.4 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - PASSLENGTH = 8 | CIS Solaris 11.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - HISTORY = 10 | CIS Solaris 11.1 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - MINLOWER = 1 | CIS Solaris 11.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - MINNONALPHA = 1 | CIS Solaris 11 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - MINUPPER = 1 | CIS Solaris 11.1 L1 v1.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - MINUPPER = 1 | CIS Solaris 11.2 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Set Strong Password Creation Policies - NAMECHECK = yes | CIS Solaris 11 L1 v1.1.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 18.9.11.2.8 Ensure 'Choose how BitLocker-protected operating system drives can be recovered: Configure storage of BitLocker recovery information to AD DS:' is set to 'Enabled: Store recovery passwords and key packages' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.32 Ensure 'krbtgt account password' is no more than '180 days old' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| ESXI-70-000005 - The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | ACCESS CONTROL |
| ESXI-70-000039 - Active Directory ESX Admin group membership must not be used when adding ESXi hosts to Active Directory. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-70-000042 - The ESXi host must terminate shell services after 10 minutes. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000043 - The ESXi host must log out of the console UI after two minutes. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000050 - The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000057 - The ESXi host must configure the firewall to block network traffic by default - outgoing | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000061 - All port groups on standard switches must be configured to reject guest promiscuous mode requests. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000062 - Use of the dvFilter network application programming interfaces (APIs) must be restricted. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000091 - The ESXi host must be configured with an appropriate maximum password age. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| F5BI-AP-000240 - The F5 BIG-IP appliance must enforce approved authorizations for logical access to resources by explicitly configuring assigned resources with an authorization list. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | ACCESS CONTROL |
| VCTR-67-000003 - The vCenter Server must enforce a 60-day maximum password lifetime restriction. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCTR-67-000004 - The vCenter Server must terminate management sessions after 10 minutes of inactivity. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCTR-67-000008 - The vCenter Server must provide an immediate real-time alert to the SA and ISSO, at a minimum, of all audit failure events. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | AUDIT AND ACCOUNTABILITY |
| VCTR-67-000009 - The vCenter Server must implement Active Directory authentication. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCTR-67-000014 - The vCenter Server must set the distributed port group MAC Address Change policy to reject. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000019 - The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000020 - The vCenter Server must not configure all port groups to VLAN values reserved by upstream physical switches. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000025 - The vCenter Server must disable the managed object browser (MOB) at all times when not required for troubleshooting or maintenance of managed objects. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000036 - The vCenter Server must produce audit records containing information to establish what type of events occurred. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VCTR-67-000041 - The vCenter Server passwords must contain at least one lowercase character. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCTR-67-000046 - The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | ACCESS CONTROL |
| VCTR-67-000047 - The vCenter Server must require an administrator to unlock an account locked due to excessive login failures. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | ACCESS CONTROL |
| VCTR-67-000052 - The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000055 - The vCenter Server must configure the vSAN Datastore name to a unique name. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000059 - The vCenter Server must enable certificate based authentication. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000070 - The vCenter Server must not automatically refresh client sessions. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCTR-67-000071 - The vCenter Server must terminate management sessions after 10 minutes of inactivity. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCTR-67-000072 - The vCenter Server services must be ran using a service account instead of a built-in Windows account. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000075 - The vCenter Server must enable all tasks to be shown to Administrators in the Web Client. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| WBLC-05-000163 - Oracle WebLogic must enforce password complexity by the number of lower-case characters used. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000163 - Oracle WebLogic must enforce password complexity by the number of lower-case characters used. | Oracle WebLogic Server 12c Windows v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000165 - Oracle WebLogic must enforce password complexity by the number of special characters used. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN10-CC-000020 - IPv6 source routing must be configured to highest protection. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN10-CC-000025 - The system must be configured to prevent IP source routing. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000020 - IPv6 source routing must be configured to highest protection. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000025 - The system must be configured to prevent IP source routing. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN16-CC-000070 - Windows Server 2016 must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN19-CC-000060 - Windows Server 2019 must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
