| 2.2.2.2 Ensure 'Accept cookies' is set to 'From websites I visit' or 'From current website only' | AirWatch - CIS Apple iOS 11 v1.0.0 End User Owned L1 | MDM | |
| 4.4 Ensure 'Find My iPhone/iPad' is set to 'Enabled' on end-user owned devices | MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | |
| 4.4 Ensure 'Find My iPhone/iPad' is set to 'Enabled' on end-user owned devices | MobileIron - CIS Apple iOS 12 v1.0.0 End User Owned L1 | MDM | |
| 20.20 Ensure 'DoD Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.20 Ensure 'DoD Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-014500 - Apple iOS/iPadOS 16 must disable connections to Siri servers for the purpose of translation. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-17-014500 - Apple iOS/iPadOS 17 must disable connections to Siri servers for the purpose of translation. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-14-000002 The macOS system must enforce screen saver password. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-000009 The macOS system must prevent AdminHostInfo from being available at LoginWindow. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-000012 The macOS system must automatically remove or disable temporary or emergency user accounts within 72 hours. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-000014 The macOS system must enforce time synchronization. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-000022 The macOS system must limit consecutive failed log on attempts to three. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-000023 The macOS system must display the Standard Mandatory DOD Notice and Consent Banner at remote log on. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-000024 The macOS system must enforce SSH to display the Standard Mandatory DOD Notice and Consent Banner. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-000033 The macOS system must disable FileVault automatic log on. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL |
| APPL-14-000051 The macOS system must configure SSHD ClientAliveInterval to 900. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000052 The macOS system must configure SSHD ClientAliveCountMax to 1. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000053 The macOS system must set Login Grace Time to 30. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000057 The macOS system must limit SSH to FIPS-compliant connections. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000130 The macOS system must configure SSHD unused connection timeout to 900. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-000170 The macOS system must be configured to use an authorized time server. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001002 The macOS system must be configured to audit all log on and log out events. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-14-001010 The macOS system must configure system to shut down upon audit failure. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001022 The macOS system must be configured to audit all failed read actions on the system. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001029 The macOS system must configure audit retention to seven days. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001030 The macOS system must configure audit capacity warning. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001031 The macOS system must configure audit failure notification. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001044 The macOS system must configure the system to audit all authorization and authentication events. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, MAINTENANCE |
| APPL-14-001130 The macOS system must configure audit_control to mode 440 or less permissive. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001150 - The macOS system must disable password authentication for SSH. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| APPL-15-002006 - The macOS system must disable Unix-to-Unix Copy Protocol (UUCP) service. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
| APPL-15-002007 - The macOS system must disable Internet Sharing. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002012 - The macOS system must disable the iCloud Calendar services. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002016 - The macOS system must disable iCloud Notes. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002017 - The macOS system must disable the camera. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002038 - The macOS system must disable Trivial File Transfer Protocol (TFTP) service. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| APPL-15-002066 - The macOS system must disable unattended or automatic login to the system. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| APPL-15-002080 - The macOS system must disable Airplay Receiver. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-15-002110 - The macOS system must disable Bluetooth Sharing. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-15-002130 - The macOS system must disable CD/DVD Sharing. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002260 - The macOS system must disable the Bluetooth System Settings pane. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002270 - The macOS system must disable the iCloud Freeform services. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-003008 - The macOS system must restrict maximum password lifetime to 60 days. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-003080 - The macOS system must disable accounts after 35 days of inactivity. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL |
| APPL-15-004030 - The macOS system must configure system log files owned by root and group to wheel. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-15-004040 - The macOS system must configure system log files to mode 640 or less permissive. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-15-005001 - The macOS system must ensure System Integrity Protection is enabled. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-005020 - The macOS system must enforce FileVault. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-005055 - The macOS system must disable the Screen Time prompt during Setup Assistant. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005061 - The macOS system must disable Erase Content and Settings. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
