| 2.5.14.3.25 (L1) Ensure 'Remove file extensions blocked as Level 1' is set to 'Disabled' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.5.17 Ensure tcp_tcpsecure is configured | CIS IBM AIX 7 v1.0.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 4.10.9.1.3 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Intune for Windows 11 v4.0.0 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.10.9.1.6 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Intune for Windows 10 v4.0.0 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.3.15 Ensure only strong MAC algorithms are used - sshd | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.15 Ensure only strong MAC algorithms are used - sshd | CIS Red Hat 6 Workstation L1 v3.0.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.3.15 Ensure only strong MAC algorithms are used - sshd | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.18 Ensure HTTP Header Permissions-Policy is set appropriately | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 9.1.14 Ensure that 'Notify about alerts with the following severity (or higher)' is enabled | CIS Microsoft Azure Foundations v4.0.0 L1 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.5 (BL) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 Enterprise v4.0.0 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.7.1.9 (L1) Ensure 'Prevent installation of devices using drivers that match these device setup classes: Prevent installation of devices using drivers for these device setup' is set to 'IEEE 1394 device setup classes' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000180 - The Apache web server log files must only be accessible by privileged users. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000460 - The Apache web server must invalidate session identifiers upon hosted application user logout or other session termination. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000520 - The Apache web server must generate a session ID using as much of the character set as possible to reduce the risk of brute force. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000650 - The Apache web server must set an inactive timeout for sessions. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | ACCESS CONTROL |
| AS24-U1-000650 - The Apache web server must set an inactive timeout for sessions. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | ACCESS CONTROL |
| AS24-U1-000670 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | ACCESS CONTROL |
| AS24-U1-000730 - The Apache web server must be configured to integrate with an organizations security infrastructure. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U1-000820 - The Apache web server must be protected from being stopped by a non-privileged user | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000820 - The Apache web server must be protected from being stopped by a non-privileged user. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000900 - The Apache web server must remove all export ciphers to protect the confidentiality and integrity of transmitted information. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000950 - The Apache web server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| AS24-U1-000970 - The Apache web server htpasswd files (if present) must reflect proper ownership and permissions. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | CONFIGURATION MANAGEMENT |
| AS24-U2-000090 - The Apache web server must produce log records containing sufficient information to establish what type of events occurred. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| AS24-U2-000310 - The Apache web server must allow mappings to unused and vulnerable scripts to be removed. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | CONFIGURATION MANAGEMENT |
| AS24-U2-000350 - Users and scripts running on behalf of users must be contained to the document root or home directory tree of the Apache web server. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | CONFIGURATION MANAGEMENT |
| AS24-U2-000580 - The Apache web server document directory must be in a separate partition from the Apache web servers system files. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000700 - Non-privileged accounts on the hosting system must only access Apache web server security-relevant information and functions through a distinct administrative account. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | ACCESS CONTROL |
| AS24-U2-000780 - The Apache web server application, libraries, and configuration files must only be accessible to privileged users. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | CONFIGURATION MANAGEMENT |
| AS24-U2-000810 - The Apache web server must only accept client certificates issued by DOD PKI or DoD-approved PKI Certification Authorities (CAs) - CAs. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000870 - The Apache web server cookies, such as session cookies, sent to the client using SSL/TLS must not be compressed. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000960 - The Apache web server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | CONFIGURATION MANAGEMENT |
| CISC-L2-000140 - The Cisco switch must have IP Source Guard enabled on all user-facing or untrusted access switch ports. | DISA STIG Cisco IOS XE Switch L2S v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| Deny log on through Remote Desktop Services | MSCT Windows 10 1903 v1.19.9 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows 10 1909 v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows 10 v2004 v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows Server 2012 R2 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows Server 2019 MS v1.0.0 | Windows | ACCESS CONTROL |
| Deny log on through Remote Desktop Services | MSCT Windows Server 2025 MS v1.0.0 | Windows | ACCESS CONTROL |
| GEN005305 - The SNMP service must use only SNMPv3 or its successors - /etc/sma/snmp/snmpd.conf | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005305 - The SNMP service must use only SNMPv3 or its successors - /usr/sfw/lib/sma_snmp/snmpd.conf | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005305 - The SNMP service must use only SNMPv3 or its successors - /var/sma_snmp/snmpd.conf | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005305 - The SNMP service must use only SNMPv3 or its successors - /var/sma_snmp/snmpd.conf | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010161 - OL 8 must prevent system daemons from using Kerberos for authentication. | DISA Oracle Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Require Password Encryption | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010161 - RHEL 8 must prevent system daemons from using Kerberos for authentication. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-010550 - Address space layout randomization (ASLR) must be implemented by the SUSE operating system to protect memory from unauthorized code execution. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
