| ADBP-XI-000285 - Adobe Acrobat Pro XI access to websites must be blocked. | DISA Adobe Acrobat Pro XI STIG v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-01-080005 - Apple iOS must not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL |
| AIOS-02-080007 - Apple iOS must disable automatic transfer of diagnostic data to an external device other than an enrolled MDM service. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-011800 - Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-008400 - Apple iOS/iPadOS 15 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-011600 - Apple iOS/iPadOS 15 must implement the management setting: not have any Family Members in Family Sharing. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-710900 - Apple iOS/iPadOS 16 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r2 | MDM | ACCESS CONTROL |
| AIOS-16-711800 - Apple iOS/iPadOS 16 must implement the management setting: force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-010900 - Apple iOS/iPadOS 17 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL |
| AIOS-17-012300 - Apple iOS/iPadOS 17 must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-012400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-701000 - Apple iOS/iPadOS 17 must allow the administrator (MDM) to perform the following management function: enable/disable VPN protection across the device - MDM to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-708400 - Apple iOS/iPadOS 17 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | ACCESS CONTROL |
| AIOS-17-710950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | ACCESS CONTROL |
| AOSX-14-002054 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - HiddenPreferencePanes | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - DisableBluetooth | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - HiddenPreferencePanes | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-005053 - The macOS system must restrict the ability of individuals to write to external optical media. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-005055 - The macOS system must be configured to disable prompts to configure ScreenTime. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ARST-RT-000210 - The multicast Rendezvous Point (RP) Arista router must be configured to filter Protocol Independent Multicast (PIM) Register and Join messages received from the Designated Router (DR) for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000570 - The Arista BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000710 - The MPLS router must be configured to synchronize IGP and LDP to minimize packet loss when an IGP adjacency is established prior to LDP peers completing label exchange. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | CONFIGURATION MANAGEMENT |
| AZLX-23-002395 - Amazon Linux 2023 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| EX19-MB-000033 - Exchange audit record parameters must be set. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| F5BI-AP-300164 - The F5 BIG-IP appliance must be configured to set the "Max In Progress Sessions per Client IP" value to 10 or an organizational-defined number. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | ACCESS CONTROL |
| F5BI-DM-000290 - If the BIG-IP appliance is being used to authenticate users for web applications, the HTTPOnly flag must be set. | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| F5BI-DM-300033 - The F5 BIG-IP appliance must manage local audit storage capacity in accordance with organization-defined audit record storage requirements. | DISA F5 BIG-IP TMOS NDM STIG v1r2 | F5 | AUDIT AND ACCOUNTABILITY |
| F5BI-FW-300012 - In the event that communication with the central audit server is lost, the F5 BIG-IP appliance must continue to queue traffic log records locally. | DISA F5 BIG-IP TMOS Firewall STIG v1r1 | F5 | AUDIT AND ACCOUNTABILITY |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/info/*' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/man/*' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. - '/etc/csh.login' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. - '/etc/security/.profile' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/audit' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditpr' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/audit' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditbin' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditpr' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/audit umask' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditconv' - suid | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditmerge' - umask | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003860 - The system must not have the finger service active. | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-011100 - Google Android 11 devices must be configured to enable Common Criteria Mode (CC Mode). | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-011100 - Google Android 11 devices must be configured to enable Common Criteria Mode (CC Mode). | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010900 - Android 12 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| OS10-RTR-000100 - The Dell OS10 BGP router must be configured to reject route advertisements from CE routers with an originating autonomous system (AS) in the AS_PATH attribute that does not belong to that customer. | DISA Dell OS10 Switch Router STIG v1r1 | Dell_OS10 | ACCESS CONTROL |
| UBTU-20-010075 - The Ubuntu operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010215 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
