| AIOS-03-080102 - Apple iOS must implement the management setting: not allow Exchange messages to be forwarded or moved to other accounts. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-05-080001 - Apple iOS must implement the management setting: Treat Airdrop as an unmanaged destination. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-05-080101 - Apple iOS must implement the management setting: not have any Family Members in Family Sharing. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-05-080102 - Apple iOS must implement the management setting: not share location data through iCloud. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-10-080103 - Apple iOS must implement the management setting: not allow user to remove profiles that enforce DoD security requirements. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-011900 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-999999 - All Apple iOS/iPadOS 14 installations must be removed. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-006600 - Apple iOS/iPadOS 15 must be configured to not allow passwords that include more than two repeating or sequential characters. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-007300 - Apple iOS/iPadOS 15 allow list must be configured to not include applications with the following characteristics: voice dialing application if available when MD is locked. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011200 - iPhone and iPad must have the latest available iOS/iPadOS operating system installed. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011300 - Apple iOS/iPadOS 15 must implement the management setting: use SSL for Exchange ActiveSync. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011400 - Apple iOS/iPadOS 15 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 15 Mail app. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011600 - Apple iOS/iPadOS 15 must implement the management setting: not have any Family Members in Family Sharing. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011600 - Apple iOS/iPadOS 15 must implement the management setting: not have any Family Members in Family Sharing. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011700 - Apple iOS/iPadOS 15 must implement the management setting: not share location data through iCloud. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012400 - Apple iOS/iPadOS 15 must not allow unmanaged apps to read contacts from managed contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013100 - Apple iOS/iPadOS 15 must disable Find My Friends in the Find My app. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013200 - The Apple iOS/iPadOS 15 must be supervised by the MDM. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-707000 - Apple iOS/iPadOS 16 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-001000 - Apple iOS/iPadOS 17 must allow the Administrator (MDM) to perform the following management function: enable/disable VPN protection across the device and [selection: other methods] - MDM to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-012400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DOD security requirements. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-014700 - Apple iOS/iPadOS 17 must have DOD root and intermediate PKI certificates installed. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-701000 - Apple iOS/iPadOS 17 must allow the administrator (MDM) to perform the following management function: enable/disable VPN protection across the device - MDM to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-707400 - Apple iOS/iPadOS 17 allow list must be configured to not include applications with the following characteristics: | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-712400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-712400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIX7-00-002142 - The AIX /etc/hosts file must have a mode of 0640 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002150 - The AIX cron and crontab directories must be group-owned by cron. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002060 - The macOS system must allow only applications that have a valid digital signature to run - EnableAssessment | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002060 - The macOS system must allow only applications that have a valid digital signature to run - Unsigned Applications | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002066 - The macOS system must not allow an unattended or automatic logon to the system. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User directory home permissions | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User subdirectory Public Access Control Lists | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003013 - Apple macOS must be configured with a firmware password to prevent access to single user mode and booting from alternative media. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003013 - Apple macOS must be configured with a firmware password to prevent access to single user mode and booting from alternative media. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003050 - The macOS system must be configured so that the login command requires smart card authentication. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003050 - The macOS system must be configured so that the login command requires smart card authentication. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003052 - The macOS system must be configured so that the sudo command requires smart card authentication. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-005050 - The macOS Application Firewall must be enabled - EnableFirewall | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-005050 - The macOS Application Firewall must be enabled - EnableFirewall | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-005051 - The macOS system must restrict the ability to utilize external writeable media devices. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-100001 - The macOS system must be a supported release. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-100600 - Ubuntu 24.04 LTS must have the "libpam-pwquality" package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300017 - Ubuntu 24.04 LTS must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300022 - Ubuntu 24.04 LTS must be configured so that remote X connections are disabled, unless to fulfill documented and validated mission requirements. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300027 - Ubuntu 24.04 LTS must not have accounts configured with blank or null passwords. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300029 - Ubuntu 24.04 LTS must generate audit records for all events that affect the systemd journal files. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
