| ARST-L2-000050 - The Arista MLS switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts. | DISA STIG Arista MLS EOS 4.x L2S v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000210 - The multicast Rendezvous Point (RP) Arista router must be configured to filter Protocol Independent Multicast (PIM) Register and Join messages received from the Designated Router (DR) for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000520 - The Arista router must be configured to have IP directed broadcast disabled on all interfaces. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000570 - The Arista BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000700 - The MPLS router must be configured to use its loopback address as the source address for LDP peering sessions. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | CONTINGENCY PLANNING |
| EDGE-00-000010 - Data Synchronization must be disabled. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EDGE-00-000052 - The download location prompt must be configured. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| ESXI-70-000015 - The ESXi host Secure Shell (SSH) daemon must not allow authentication using an empty password. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| EX19-MB-000033 - Exchange audit record parameters must be set. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| F5BI-AP-000236 - The F5 BIG-IP appliance must be configured to limit authenticated client sessions to initial session source IP. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-11-011000 - Google Android 11 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-011000 - Google Android 11 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-011000 - Google Android 11 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-011000 - Android 12 devices must be configured to enable Common Criteria Mode (CC Mode). | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-011000 - Android 12 devices must be configured to enable Common Criteria Mode (CC Mode). | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-007700 - Google Android 13 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Google Android 13 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-011000 - Android 13 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | MobileIron - DISA Google Android 13 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-011000 - Android 13 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-012400 - Google Android 13 must allow only the Administrator (MDM) to perform the following management function: Disable Phone Hub. | MobileIron - DISA Google Android 13 COBO v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-13-012400 - Google Android 13 must allow only the Administrator (MDM) to perform the following management function: Disable Phone Hub. | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-010900 - Android 14 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010900 - Android 14 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-012400 - Google Android 14 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | AirWatch - DISA Google Android 14 COBO v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-007700 - Google Android 15 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-012400 - Google Android 15 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-09-000500 - The Honeywell Mobility Edge Android Pie device must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Honeywell Android 9.x COBO v1r2 | MDM | ACCESS CONTROL |
| HONW-09-006100 - The Honeywell Mobility Edge Android Pie device must be configured to generate audit records for the following auditable events: detected integrity violations. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
| HONW-13-007700 - Honeywell Android 13 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | ACCESS CONTROL |
| HONW-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| JUEX-RT-000660 - The Juniper BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000980 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to use its loopback address as the source address when originating MSDP traffic. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| MADB-10-000100 - MariaDB must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | ACCESS CONTROL |
| OL08-00-010542 - OL 8 must use a separate file system for the system audit data path. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-020340 - OL 8 must display the date and time of the last successful account logon upon logon. | DISA Oracle Linux 8 STIG v2r4 | Unix | ACCESS CONTROL |
| OL09-00-002330 - OL 9 must enable Linux audit logging for the USBGuard daemon. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010215 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-412010 - Ubuntu 22.04 LTS must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-100010 - Ubuntu 24.04 LTS must not have the "systemd-timesyncd" package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-901220 - Ubuntu 24.04 LTS must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCSA-80-000277 - The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000002 - Drag and drop operations must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000018 - Shared salt values must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - enabled | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000740 - The WebSphere Application Server must be configured to protect log information from any type of unauthorized read access. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-00-000085 - Standard local user accounts must not exist on a system in a domain. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Microsoft Windows 11 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000175 - The Application Compatibility Program Inventory must be prevented from collecting data and sending the information to Microsoft. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000050 - The computer account password must not be prevented from being reset. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-UC-000015 - Toast notifications to the lock screen must be turned off. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
