| 1.67 UBTU-24-300024 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT III | Unix | CONFIGURATION MANAGEMENT |
| ADBP-XI-000280 - Adobe Acrobat Pro XI access to unknown websites must be restricted. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| ADBP-XI-001300 - Adobe Acrobat Pro XI third-party web connectors must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-17-710950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | ACCESS CONTROL |
| AIOS-17-710950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | ACCESS CONTROL |
| AIOS-17-711800 - Apple iOS/iPadOS 17 must implement the management setting: force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-016800 - Apple iOS/iPadOS 18 must disable AirPrint: Allow storage of AirPrint credentials in Keychain. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017000 - Apple iOS/iPadOS 18 must disable Allowed Content Ratings (Movies). | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017300 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: Image Generation. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017400 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: generate new Genmoji. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| APPL-15-004050 - The macOS system must configure install.log retention to 365. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| ARST-RT-000150 - The Arista router must be configured to have all inactive interfaces disabled. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000580 - The multicast Rendezvous Point (RP) Arista router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000600 - The Arista BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM). | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000236 - The Cisco switch must be configured to advertise a hop limit of at least 32 in Switch Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA Cisco IOS Switch RTR STIG v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| ESXI-70-000022 - The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000026 - The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions. | DISA STIG VMware vSphere 7.0 ESXi OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| EX19-MB-000158 - The Exchange receive connector timeout must be limited. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | ACCESS CONTROL |
| F5BI-AP-000239 - The F5 BIG-IP appliance must be configured to set the 'Max In Progress Sessions per Client IP' value to 10 or less - Max In Progress Sessions per Client IP value to 10 or less. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | ACCESS CONTROL |
| FFOX-00-000021 - Firefox autoplay must be disabled. | DISA STIG Mozilla Firefox Linux v6r6 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000021 - Firefox autoplay must be disabled. | DISA STIG Mozilla Firefox MacOS v6r6 | Unix | CONFIGURATION MANAGEMENT |
| GOOG-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 13 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-011000 - Android 13 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | AirWatch - DISA Google Android 13 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-012400 - Google Android 13 must allow only the Administrator (MDM) to perform the following management function: Disable Phone Hub. | AirWatch - DISA Google Android 13 COBO v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-007700 - Google Android 14 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Google Android 14 COBO v2r2 | MDM | ACCESS CONTROL |
| GOOG-14-011000 - Android 14 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-012400 - Google Android 14 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-010900 - Android 15 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010900 - Android 15 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-010900 - Android 15 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-011000 - Android 13 devices must be configured to enable Common Criteria (CC) mode. | AirWatch - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-011000 - Android 13 devices must be configured to enable Common Criteria (CC) mode. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-011000 - Android 13 devices must be configured to enable Common Criteria (CC) mode. | MobileIron - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| JUEX-L2-000150 - The Juniper EX switch must be configured to enable Storm Control on all host-facing access interfaces. | DISA Juniper EX Series Layer 2 Switch v2r3 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000070 - The Juniper router configured for Multicast Source Discovery Protocol (MSDP) must filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000160 - The Juniper router must be configured to have all inactive interfaces disabled. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000190 - The Juniper perimeter router must not be configured to redistribute static routes to an alternate gateway service provider into BGP or an IGP peering with the NIPRNet or to other autonomous systems. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000890 - The Juniper MPLS router must be configured to use its loopback address as the source address for LDP peering sessions. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| OL09-00-000304 - OL 9 must be configured so that the file integrity tool verifies extended attributes. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002415 - OL 9 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| SHPT-00-000197 - A secondary site collection administrator must be defined when creating a new site collection. | DISA STIG SharePoint 2010 v1r9 | Windows | CONFIGURATION MANAGEMENT |
| VCPG-70-000009 - VMware Postgres must require authentication on all connections. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VMCH-70-000015 - Informational messages from the virtual machine to the VMX file must be limited on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| WBSP-AS-000380 - The WebSphere Application Server must generate log records when attempts to access subject privileges occur. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - notification | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000930 - The WebSphere Application Server sample applications must be removed. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| WBSP-AS-001470 - The WebSphere Application Server must be configured to perform complete application deployments when using A/B clusters. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
