Item Search

NameAudit NamePluginCategory
ARST-L2-000190 - The Arista MLS layer 2 switch must have the default VLAN pruned from all trunk ports that do not require it.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-L2-000210 - The Arista MLS layer 2 switch must have all user-facing or untrusted ports configured as access switch ports.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-L2-000230 - The Arista MLS layer 2 switch must not have any switch ports assigned to the native VLAN.DISA STIG Arista MLS EOS 4.2x L2S v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-RT-000330 - The Arista perimeter router must be configured to deny network traffic by default and allow network traffic by exception.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-RT-000670 - The Arista multicast Designated Router (DR) must be configured to filter the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Report messages to allow hosts to join a multicast group only from sources that have been approved by the organization.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-RT-000840 - The PE router must be configured to ignore or block all packets with any IP options.DISA STIG Arista MLS EOS 4.2x Router v2r1Arista

SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable Personalized AdvertisingNIST macOS Big Sur v1.4.0 - 800-171Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable Personalized AdvertisingNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable Sending Siri and Dictation Information to AppleNIST macOS Big Sur v1.4.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable Sending Siri and Dictation Information to AppleNIST macOS Big Sur v1.4.0 - 800-53r5 HighUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Big Sur - Disable Sending Siri and Dictation Information to AppleNIST macOS Big Sur v1.4.0 - CNSSI 1253Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Disable Ad TrackingNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Disable Ad TrackingNIST macOS Catalina v1.5.0 - 800-171Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Disable Ad TrackingNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Disable Sending Siri and Dictation Information to AppleNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Disable Sending Siri and Dictation Information to AppleNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Disable Sending Siri and Dictation Information to AppleNIST macOS Catalina v1.5.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Disable Sending Siri and Dictation Information to AppleNIST macOS Catalina v1.5.0 - 800-171Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Disable Sending Siri and Dictation Information to AppleNIST macOS Catalina v1.5.0 - 800-53r4 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Disable Sending Siri and Dictation Information to AppleNIST macOS Catalina v1.5.0 - 800-53r5 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000392 - The Cisco perimeter switch must be configured to drop IPv6 undetermined transport packets.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000393 - The Cisco perimeter router must be configured drop IPv6 packets with a Routing Header type 0, 1, or 3-255.DISA Cisco IOS XR Router RTR STIG v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000395 - The Cisco perimeter router must be configured to drop IPv6 packets containing a Destination Option header with invalid option type values.DISA Cisco IOS XR Router RTR STIG v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000395 - The Cisco perimeter switch must be configured to drop IPv6 packets containing a Destination Option header with invalid option type values.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000396 - The Cisco perimeter switch must be configured to drop IPv6 packets containing an extension header with the Endpoint Identification option.DISA STIG Cisco IOS Switch RTR v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000397 - The Cisco perimeter router must be configured to drop IPv6 packets containing the NSAP address option within Destination Option header.DISA Cisco IOS Router RTR STIG v3r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000397 - The Cisco perimeter switch must be configured to drop IPv6 packets containing the NSAP address option within Destination Option header.DISA STIG Cisco IOS Switch RTR v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000398 - The Cisco perimeter router must be configured to drop IPv6 packets containing a Hop-by-Hop or Destination Option extension header with an undefined option type.DISA Cisco IOS XE Router RTR STIG v3r3Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CNTR-K8-002600 - Kubernetes API Server must configure timeouts to limit attack surface.DISA STIG Kubernetes v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

FNFG-FW-000125 - When employed as a premise firewall, FortiGate must block all outbound management traffic.DISA Fortigate Firewall STIG v1r3FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

FNFG-FW-000130 - The FortiGate firewall must restrict traffic entering the VPN tunnels to the management network to only the authorized management packets based on destination address.DISA Fortigate Firewall STIG v1r3FortiGate

SYSTEM AND COMMUNICATIONS PROTECTION

JUEX-L2-000190 - The Juniper EX switch must be configured to assign all explicitly disabled access interfaces to an unused VLAN.DISA Juniper EX Series Layer 2 Switch v2r3Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

JUEX-L2-000220 - The Juniper EX switch must not use the default VLAN for management traffic.DISA Juniper EX Series Layer 2 Switch v2r3Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

JUEX-RT-000790 - The Juniper multicast Designated Router (DR) must be configured to filter the IGMP and MLD Report messages to allow hosts to join a multicast group only from sources that have been approved by the organization.DISA Juniper EX Series Router v2r1Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

JUNI-RT-000382 - The Juniper perimeter router must be configured drop IPv6 packets with a Routing Header type 0, 1, or 3255.DISA STIG Juniper Router RTR v3r2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

JUNI-RT-000384 - The Juniper perimeter router must be configured to drop IPv6 packets containing a Destination Option header with invalid option type values.DISA STIG Juniper Router RTR v3r2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

JUNI-RT-000385 - The Juniper perimeter router must be configured to drop IPv6 packets containing an extension header with the Endpoint Identification option - dstopsDISA STIG Juniper Router RTR v3r2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Personalized AdvertisingNIST macOS Monterey v1.0.0 - 800-171Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Personalized AdvertisingNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Personalized AdvertisingNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Personalized AdvertisingNIST macOS Monterey v1.0.0 - All ProfilesUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Personalized AdvertisingNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Personalized AdvertisingNIST macOS Monterey v1.0.0 - 800-53r4 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Sending Siri and Dictation Information to AppleNIST macOS Monterey v1.0.0 - CNSSI 1253Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Sending Siri and Dictation Information to AppleNIST macOS Monterey v1.0.0 - 800-171Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Sending Siri and Dictation Information to AppleNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Sending Siri and Dictation Information to AppleNIST macOS Monterey v1.0.0 - 800-53r5 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Sending Siri and Dictation Information to AppleNIST macOS Monterey v1.0.0 - 800-53r4 LowUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Sending Siri and Dictation Information to AppleNIST macOS Monterey v1.0.0 - 800-53r4 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Disable Sending Siri and Dictation Information to AppleNIST macOS Monterey v1.0.0 - 800-53r5 ModerateUnix

ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION