Item Search

NameAudit NamePluginCategory
AIOS-18-010500 - Apple iOS/iPadOS 18 must implement the management setting: limit Ad Tracking.MobileIron - DISA Apple iOS/iPadOS 18 v1r4MDM

SYSTEM AND COMMUNICATIONS PROTECTION

AIOS-18-010600 - Apple iOS/iPadOS 18 must implement the management setting: not allow automatic completion of Safari browser passcodes.AirWatch - DISA Apple iOS/iPadOS 18 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-18-011800 - Apple iOS/iPadOS 18 must implement the management setting: force Apple Watch wrist detection.AirWatch - DISA Apple iOS/iPadOS 18 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-18-011800 - Apple iOS/iPadOS 18 must implement the management setting: force Apple Watch wrist detection.MobileIron - DISA Apple iOS/iPadOS 18 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-18-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled.AirWatch - DISA Apple iOS/iPadOS 18 v1r4MDM

SYSTEM AND COMMUNICATIONS PROTECTION

AIOS-18-016100 - Apple iOS/iPadOS 18 must disable the use of voice assistant (Siri) unless required to meet Section 508 compliance requirements.AirWatch - DISA Apple iOS/iPadOS 18 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-18-016900 - Apple iOS/iPadOS 18 must enable AirPrint feature: Disallow AirPrint to destinations with untrusted certificates.MobileIron - DISA Apple iOS/iPadOS 18 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-18-017200 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: Image Wand.MobileIron - DISA Apple iOS/iPadOS 18 v1r4MDM

CONFIGURATION MANAGEMENT

ARST-L2-000130 - The Arista MLS layer 2 switch must have IGMP or MLD Snooping configured on all VLANs.DISA STIG Arista MLS EOS 4.x L2S v2r2Arista

CONFIGURATION MANAGEMENT

ARST-L2-000230 - The Arista MLS layer 2 switch must not have any switch ports assigned to the native VLAN.DISA STIG Arista MLS EOS 4.x L2S v2r2Arista

SYSTEM AND COMMUNICATIONS PROTECTION

ARST-RT-000080 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups.DISA STIG Arista MLS EOS 4.x Router v2r2Arista

ACCESS CONTROL

ARST-RT-000090 - The Arista MSDP router must be configured to limit the amount of source-active messages it accepts on per-peer basis.DISA STIG Arista MLS EOS 4.x Router v2r2Arista

ACCESS CONTROL

ARST-RT-000180 - The Arista perimeter router must be configured to not redistribute static routes to an alternate gateway service provider into BGP or an IGP peering with the NIPRNet or to other autonomous systems.DISA STIG Arista MLS EOS 4.x Router v2r2Arista

ACCESS CONTROL

ARST-RT-000260 - The Arista router must be configured to have all non-essential capabilities disabled.DISA STIG Arista MLS EOS 4.x Router v2r2Arista

CONFIGURATION MANAGEMENT

ARST-RT-000690 - The Arista BGP router must be configured to use its loopback address as the source address for iBGP peering sessions.DISA STIG Arista MLS EOS 4.x Router v2r2Arista

CONTINGENCY PLANNING

ARST-RT-000710 - The MPLS router must be configured to synchronize IGP and LDP to minimize packet loss when an IGP adjacency is established prior to LDP peers completing label exchange.DISA STIG Arista MLS EOS 4.x Router v2r2Arista

CONFIGURATION MANAGEMENT

CISC-RT-000236 - The Cisco router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments.DISA Cisco IOS Router RTR STIG v3r3Cisco

CONFIGURATION MANAGEMENT

FFOX-00-000015 - Firefox development tools must be disabled.DISA STIG Mozilla Firefox Windows v6r6Windows

SYSTEM AND INFORMATION INTEGRITY

GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts.AirWatch - DISA Google Android 11 COPE v2r1MDM

ACCESS CONTROL

GOOG-11-003400 - Google Android 11 must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device.AirWatch - DISA Google Android 11 COBO v2r1MDM

ACCESS CONTROL

GOOG-11-006100 - Google Android 11 must be configured to generate audit records for the following auditable events: detected integrity violations.AirWatch - DISA Google Android 11 COBO v2r1MDM

AUDIT AND ACCOUNTABILITY

GOOG-11-006100 - Google Android 11 must be configured to generate audit records for the following auditable events: detected integrity violations.MobileIron - DISA Google Android 11 COBO v2r1MDM

AUDIT AND ACCOUNTABILITY

GOOG-11-011100 - Google Android 11 devices must be configured to enable Common Criteria Mode (CC Mode).MobileIron - DISA Google Android 11 COPE v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-12-011000 - Android 12 devices must be configured to enable Common Criteria Mode (CC Mode).AirWatch - DISA Google Android 12 COBO v1r2MDM

CONFIGURATION MANAGEMENT

HONW-13-007700 - Honeywell Android 13 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device.MobileIron - DISA Honeywell Android 13 COPE v1r1MDM

ACCESS CONTROL

HONW-13-007700 - Honeywell Android 13 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device.AirWatch - DISA Honeywell Android 13 COBO v1r1MDM

ACCESS CONTROL

HONW-13-011000 - Android 13 devices must be configured to enable Common Criteria (CC) mode.MobileIron - DISA Honeywell Android 13 COBO v1r1MDM

CONFIGURATION MANAGEMENT

JUEX-L2-000080 - The Juniper EX switch must be configured to enable Root Protection on STP switch ports connecting to access layer switches.DISA Juniper EX Series Layer 2 Switch v2r3Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

MOTO-09-000500 - The Motorola Android Pie must be configured to not allow more than 10 consecutive failed authentication attempts.AirWatch - DISA Motorola Android Pie.x COPE v1r2MDM

ACCESS CONTROL

MOTO-09-003400 - The Motorola Android Pie must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device.AirWatch - DISA Motorola Android Pie.x COBO v1r2MDM

ACCESS CONTROL

MOTS-11-006100 - Motorola Solutions Android 11 must be configured to generate audit records for the following auditable events: Detected integrity violations.AirWatch - DISA Motorola Solutions Android 11 COBO v1r3MDM

AUDIT AND ACCOUNTABILITY

OL08-00-010171 - OL 8 must have the "policycoreutils" package installed.DISA Oracle Linux 8 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OL08-00-010472 - OL 8 must have the packages required to use the hardware random number generator entropy gatherer service.DISA Oracle Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

OL08-00-030741 - OL 8 must disable the chrony daemon from acting as a server.DISA Oracle Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

OL08-00-040024 - OL 8 must disable the transparent inter-process communication (TIPC) protocol.DISA Oracle Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

OL08-00-040025 - OL 8 must disable mounting of cramfs.DISA Oracle Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

OL08-00-040310 - The OL 8 file integrity tool must be configured to verify Access Control Lists (ACLs).DISA Oracle Linux 8 STIG v2r4Unix

CONFIGURATION MANAGEMENT

OL09-00-000005 - OL 9 must use a separate file system for /var.DISA Oracle Linux 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

OL09-00-000045 - OL 9 must disable mounting of cramfs.DISA Oracle Linux 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

UBTU-20-010075 - The Ubuntu operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt.DISA Canonical Ubuntu 20.04 LTS STIG v2r3Unix

CONFIGURATION MANAGEMENT

UBTU-20-010230 - The Ubuntu operating system must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).DISA Canonical Ubuntu 20.04 LTS STIG v2r3Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010401 - The Ubuntu operating system must restrict access to the kernel message buffer.DISA Canonical Ubuntu 20.04 LTS STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-22-215020 - Ubuntu 22.04 LTS must not have the "systemd-timesyncd" package installed.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

CONFIGURATION MANAGEMENT

UBTU-22-412020 - Ubuntu 22.04 LTS must limit the number of concurrent sessions to ten for all accounts and/or account types.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

ACCESS CONTROL

UBTU-22-653025 - Ubuntu 22.04 LTS must alert the information system security officer (ISSO) and system administrator (SA) in the event of an audit processing failure.DISA Canonical Ubuntu 22.04 LTS STIG v2r5Unix

AUDIT AND ACCOUNTABILITY

UBTU-24-200000 - Ubuntu 24.04 LTS must limit the number of concurrent sessions to 10 for all accounts and/or account types.DISA Canonical Ubuntu 24.04 LTS STIG v1r2Unix

ACCESS CONTROL

UBTU-24-300017 - Ubuntu 24.04 LTS must enforce a delay of at least four seconds between logon prompts following a failed logon attempt.DISA Canonical Ubuntu 24.04 LTS STIG v1r2Unix

CONFIGURATION MANAGEMENT

WN11-SO-000055 - The maximum age for machine account passwords must be configured to 30 days or less.DISA Microsoft Windows 11 STIG v2r3Windows

CONFIGURATION MANAGEMENT

WN22-CC-000040 - Windows Server 2022 source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing.DISA Microsoft Windows Server 2022 STIG v2r4Windows

CONFIGURATION MANAGEMENT

WN22-CC-000050 - Windows Server 2022 must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF)-generated routes.DISA Microsoft Windows Server 2022 STIG v2r4Windows

CONFIGURATION MANAGEMENT