| DG0009-ORACLE11 - Access to DBMS software files and directories should not be granted to unauthorized users - 'umask < 0022' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG0125-ORACLE11 - DBMS account passwords should be set to expire every 60 days or more frequently - 'Database password expiration < 60 days' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| DG0130-ORACLE11 - DBMS passwords should not be stored in compiled, encoded or encrypted batch jobs or compiled, encoded or encrypted application source code. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| DTBI030 - Font downloads must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI120 - Font downloads must be disallowed (Restricted Site zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI127 - Installation of desktop items must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| DTBI820 - Launching programs and unsafe files property must be set to prompt (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTBI880 - ActiveX controls without prompt property must be used in approved domains only (Restricted Site zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI900 - Internet Explorer Processes Restrict ActiveX Install must be enforced (Reserved). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI930 - .NET Framework-reliant components signed with Authenticode must be disallowed to run (Internet Zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO135 - Access - Database functionality configurations must be displayed to the user. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO146 - Word - Trust access for VBA must be disallowed. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO185 - Office System - Automatic receiving of small updates to improve reliability must be disallowed. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO189 - Office System - The encryption type for password protected Open XML files must be set. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO203 - Office System - Legacy format signatures must be enabled. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO290 - PowerPoint - Hidden markup options must be visible. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO304 - Word - Warning Bar settings for VBA macros must be configured. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO311 - Office System - Key Usage Filtering must be allowed. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| GEN000020 - The system must require authentication upon booting into single-user and maintenance modes. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000120 - System security patches and updates must be installed and up-to-date. | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN000241 - The system clock must be synchronized continuously, or at least daily - 'NTP daemon is started at boot' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN000290 - The system must not have unnecessary accounts - 'games does not exsit' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000290 - The system must not have unnecessary accounts - 'gopher does not exsit' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000290 - The system must not have unnecessary accounts - 'uucp does not exsit' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000400 - The Department of Defense (DoD) login banner must be displayed immediately prior to, or as part of, console login prompts. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000410 - The FTPS/FTP service on the system must be configured with the DoD login banner - '/etc/herald permissions are 644' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000440 - Successful and unsuccessful logins and logouts must be logged - 'unsuccessful logins are being logged' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000480 - The delay between login prompts following a failed login attempt must be at least 4 seconds. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000500 - Graphical desktop environments provided by the system must automatically lock after 15 minutes of inactivity. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000920 - The root account's home directory (other than /) must have mode 0700 - Not Applicable | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000960 - The root account must not have world-writable directories in its executable search path. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| WA000-WI030 IIS6 - The IUSR_machinename account must not have read access to the .inc files or their equivalent. - '.inc' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI6026 IIS6 - The maximum used memory monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6028 IIS6 - The Shutdown worker processes Idle Timeout monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6032 IIS6 - The Enable pinging monitor must be enabled. - 'PingingEnabled set to True' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6034 IIS6 - The Enable rapid-fail protection monitor must be enabled. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI6096 IIS6 - The UrlSegmentMaxCount registry entry must be set properly. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WI6098 IIS6 - The MaxRequestEntityAllowed metabase value must be defined. - 'IisWebVirtualDirSetting' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WWA022 W22 - The KeepAlive directive must be enabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WWA050 W22 - All interactive programs must be placed in a designated directory with appropriate permissions. - '-ExecCGI' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WWA050 W22 - All interactive programs must be placed in a designated directory with appropriate permissions. - 'SetHandler' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WWA052 A22 - The '-FollowSymLinks' setting must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA000-WWA052 W22 - The FollowSymLinks setting must be disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WWA056 A22 - The MultiViews directive must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA000-WWA058 A22 - Directory indexing must be disabled on directories not containing index files. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA000-WWA062 A22 - The HTTP request header fields must be limited. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA000-WWA064 W22 - The HTTP request header field size must be limited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG145 IIS6 - The private web server must use an approved DoD certificate validation process. - 'Check W3SVC CertCheckMode' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WG310 A22 - A web site must not contain a robots.txt file | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG345 A22 - The web server must remove all export ciphers from the cipher suite. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
