| CISC-RT-000236 - The Cisco router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA Cisco IOS XE Router RTR STIG v3r3 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000237 - The Cisco router must not be configured to use IPv6 Site Local Unicast addresses. | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000237 - The Cisco router must not be configured to use IPv6 Site Local Unicast addresses. | DISA Cisco IOS XE Router RTR STIG v3r3 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000391 - The Cisco perimeter router must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces. | DISA Cisco IOS XR Router RTR STIG v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000391 - The Cisco perimeter router must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces. | DISA Cisco IOS XE Router RTR STIG v3r3 | Cisco | CONFIGURATION MANAGEMENT |
| CNTR-K8-003110 - The Kubernetes component manifests must be owned by root. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-K8-003130 - The Kubernetes conf files must be owned by root. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-K8-003160 - The Kubernetes Kubelet certificate authority file must have file permissions set to 644 or more restrictive. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
| CNTR-K8-003290 - The Kubernetes API Server must be set to audit log max size. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
| GOOG-11-000200 - Google Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Alphanumeric | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-000200 - Google Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Numbers | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-008800 - Google Android 11 must be configured to enforce that Wi-Fi Sharing is disabled. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-009000 - Google Android 11 must have the DoD root and intermediate PKI certificates installed. | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-009200 - The Google Android 11 Work Profile must be configured to prevent users from adding personal email accounts to the work email app. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-009800 - Google Android 11 work profile must be configured to disable automatic completion of workspace internet browser text input. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-010000 - Google Android 11 Work Profile must be configured to disable the autofill services. | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-010000 - Google Android 11 Work Profile must be configured to disable the autofill services. | MobileIron - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-010000 - Google Android 11 Work Profile must be configured to disable the autofill services. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-010800 - Google Android 11 devices must have the latest available Google Android 11 operating system installed. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-006500 - Google Android 12 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DoD-approved commercial app repository, MDM server, mobile application store]. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010000 - Google Android 12 must have the DoD root and intermediate PKI certificates installed. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| JRE8-UX-000010 - Oracle JRE 8 must have a deployment.config file present. | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | CONFIGURATION MANAGEMENT |
| JRE8-UX-000030 - Oracle JRE 8 must have a deployment.properties file present. | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | CONFIGURATION MANAGEMENT |
| JRE8-UX-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level.locked | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | CONFIGURATION MANAGEMENT |
| JUEX-L2-000230 - The Juniper EX switch must be configured to set all enabled user-facing or untrusted ports as access interfaces. | DISA Juniper EX Series Layer 2 Switch v2r3 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-NM-000680 - The Juniper EX switch must be configured with an operating system release that is currently supported by the vendor. | DISA Juniper EX Series Network Device Management v2r3 | Juniper | CONFIGURATION MANAGEMENT |
| MSFT-11-000200 - Microsoft Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Minimum complex characters | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-000200 - Microsoft Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Numbers | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-000800 - Microsoft Android 11 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, EMM server, mobile application store] - Unknown Sources | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-008800 - Microsoft Android 11 must be configured to enforce that Wi-Fi Sharing is disabled. | MobileIron - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-009000 - Microsoft Android 11 must have the DOD root and intermediate PKI certificates installed. | MobileIron - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-009200 - The Microsoft Android 11 Work Profile must be configured to prevent users from adding personal email accounts to the work email app. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-009600 - Microsoft Android 11 must be provisioned as a fully managed device and configured to create a work profile. | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-009600 - Microsoft Android 11 must be provisioned as a fully managed device and configured to create a work profile. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-009800 - Microsoft Android 11 Work Profile must be configured to disable automatic completion of work space internet browser text input. | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-010200 - Microsoft Android 11 must be configured to disallow configuration of date and time. | MobileIron - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-010800 - Microsoft Android 11 devices must have the latest available Microsoft Android 11 operating system installed. | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-011100 - Microsoft Android 11 devices must be configured to enable Common Criteria Mode (CC Mode). | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| OL08-00-010010 - OL 8 vendor-packaged system security patches and updates must be installed and up to date. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040150 - SUSE operating system file systems that are used with removable media must be mounted to prevent files with the setuid and setgid bit set from being executed. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040160 - SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent files with the setuid and setgid bit set from being executed. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040200 - A separate file system must be used for SUSE operating system user home directories (such as /home or an equivalent). | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040230 - The SUSE operating system SSH daemon must be configured to not allow authentication using known hosts authentication. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040382 - The SUSE operating system must not be performing Internet Protocol version 6 (IPv6) packet forwarding by default unless the system is a router. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000280 - Splunk Enterprise must be configured with a report to notify the System Administrator (SA) and Information System Security Officer (ISSO), at a minimum, when an attack is detected on multiple devices and hosts within its scope of coverage. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG REST API | Splunk | CONFIGURATION MANAGEMENT |
| SPLK-CL-000290 - Analysis, viewing, and indexing functions, services, and applications used as part of Splunk Enterprise must be configured to comply with DoD-trusted path and access requirements. | DISA STIG Splunk Enterprise 8.x for Linux v2r2 STIG REST API | Splunk | CONFIGURATION MANAGEMENT |
| SQL2-00-009700 - All use of privileged accounts must be audited. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-010200 - SQL Server default account sa must have its name changed. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
