| AIOS-02-080016 - Apple iOS must implement the management setting: not allow automatic completion of Safari browser passcodes. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-02-080101 - Apple iOS must not allow backup to remote systems (enterprise books). | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-11-080203 - Apple iOS must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-008400 - Apple iOS/iPadOS 15 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-010600 - Apple iOS/iPadOS 15 must implement the management setting: not allow automatic completion of Safari browser passcodes. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-010800 - Apple iOS/iPadOS 15 must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-010900 - Apple iOS/iPadOS 15 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011800 - Apple iOS/iPadOS 15 must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012300 - Apple iOS/iPadOS 15 must not allow managed apps to write contacts to unmanaged contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012500 - Apple iOS/iPadOS 15 must implement the management setting: disable AirDrop. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-008400 - Apple iOS/iPadOS 16 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | ACCESS CONTROL |
| AIOS-16-010900 - Apple iOS/iPadOS 16 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | ACCESS CONTROL |
| AIOS-16-010900 - Apple iOS/iPadOS 16 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | ACCESS CONTROL |
| AIOS-16-011800 - Apple iOS/iPadOS 16 must implement the management setting: Force Apple Watch wrist detection. | MobileIron - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-001000 - Apple iOS/iPadOS 17 must allow the Administrator (MDM) to perform the following management function: enable/disable VPN protection across the device and [selection: other methods] - MDM to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-010900 - Apple iOS/iPadOS 17 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | ACCESS CONTROL |
| AIOS-17-711800 - Apple iOS/iPadOS 17 must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-712300 - Apple iOS/iPadOS 17 must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-712300 - Apple iOS/iPadOS 17 must not allow managed apps to write contacts to unmanaged contacts accounts. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-712400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-13-001029 - The macOS system must allocate audit record storage capacity to store at least seven days of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| ARST-L2-000050 - The Arista MLS switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-L2-000130 - The Arista MLS layer 2 switch must have IGMP or MLD Snooping configured on all VLANs. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | CONFIGURATION MANAGEMENT |
| ARST-RT-000090 - The Arista MSDP router must be configured to limit the amount of source-active messages it accepts on per-peer basis. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000150 - The Arista router must be configured to have all inactive interfaces disabled. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000580 - The multicast Rendezvous Point (RP) Arista router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-11-000500 - Google Android 11 must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | ACCESS CONTROL |
| GOOG-11-011000 - Google Android 11 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-011100 - Google Android 11 devices must be configured to enable Common Criteria Mode (CC Mode). | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-007700 - Google Android 12 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-12-007700 - Google Android 12 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-12-007700 - Google Android 12 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-12-011000 - Android 12 devices must be configured to enable Common Criteria Mode (CC Mode). | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 13 COPE STIG v2r3 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-012400 - Google Android 13 must allow only the Administrator (MDM) to perform the following management function: Disable Phone Hub. | AirWatch - DISA Google Android 13 COBO STIG v2r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-14-007700 - Google Android 14 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Google Android 14 COBO STIG v2r3 | MDM | ACCESS CONTROL |
| GOOG-14-010900 - Android 14 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 14 COBO STIG v2r3 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-010900 - Android 14 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 14 COBO STIG v2r3 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-012400 - Google Android 14 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | MobileIron - DISA Google Android 14 COBO STIG v2r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| OS10-L2S-000170 - The Dell OS10 Switch must have IGMP or MLD Snooping configured on all VLANs | DISA Dell OS10 Switch Layer 2 Switch STIG v1r1 | Dell_OS10 | CONFIGURATION MANAGEMENT |
| OS10-L2S-000270 - The Dell OS10 Switch must not have any switch ports assigned to the native VLAN. | DISA Dell OS10 Switch Layer 2 Switch STIG v1r1 | Dell_OS10 | CONFIGURATION MANAGEMENT |
| OS10-RTR-000060 - The Dell OS10 BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA Dell OS10 Switch Router STIG v1r1 | Dell_OS10 | ACCESS CONTROL |
| OS10-RTR-000630 - The Dell OS10 Router must be configured to have IP directed broadcast disabled on all interfaces. | DISA Dell OS10 Switch Router STIG v1r1 | Dell_OS10 | SYSTEM AND COMMUNICATIONS PROTECTION |
| OS10-RTR-000680 - The Dell OS10 BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer. | DISA Dell OS10 Switch Router STIG v1r1 | Dell_OS10 | SYSTEM AND COMMUNICATIONS PROTECTION |
| OS10-RTR-001020 - The Dell OS10 Router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA Dell OS10 Switch Router STIG v1r1 | Dell_OS10 | CONFIGURATION MANAGEMENT |
| UBTU-20-010401 - The Ubuntu operating system must restrict access to the kernel message buffer. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010453 - The Ubuntu operating system must display the date and time of the last successful account logon upon logon. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | ACCESS CONTROL |
