| 1.6 Ensure 'application pool identity' is configured for anonymous user identity | CIS IIS 7 L1 v1.8.0 | Windows | CONFIGURATION MANAGEMENT |
| 1.6 Ensure 'application pool identity' is configured for anonymous user identity | CIS IIS 8.0 v1.5.1 Level 1 | Windows | CONFIGURATION MANAGEMENT |
| 1.6 Ensure 'application pool identity' is configured for anonymous user identity | CIS IIS 10 v1.2.1 Level 1 | Windows | ACCESS CONTROL |
| 2.1 Ensure 'global authorization rule' is set to restrict access | CIS IIS 8.0 v1.5.1 Level 1 | Windows | ACCESS CONTROL |
| 2.1.4 (L2) Ensure Safe Attachments policy is enabled | CIS Microsoft 365 Foundations v6.0.1 L2 E5 | microsoft_azure | SYSTEM AND INFORMATION INTEGRITY |
| 3.3 Ensure custom error messages are not off | CIS IIS 8.0 v1.5.1 Level 2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 3.11 Ensure 'encryption providers' are locked down | CIS IIS 7 L2 v1.8.0 | Windows | ACCESS CONTROL |
| 4.2 Ensure 'maxURL request filter' is configured - Applications | CIS IIS 7 L2 v1.8.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.2 Ensure 'maxURL request filter' is configured - Default | CIS IIS 7 L2 v1.8.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.5 Ensure Double-Encoded requests will be rejected - Default | CIS IIS 10 v1.2.1 Level 1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 5.2 Ensure Advanced IIS logging is enabled | CIS IIS 8.0 v1.5.1 Level 1 | Windows | AUDIT AND ACCOUNTABILITY |
| ESXI-06-000001 - The VMM must limit the number of concurrent sessions to ten for all accounts and/or account types by enabling lockdown mode. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | ACCESS CONTROL |
| ESXI-06-000004 - Remote logging for ESXi hosts must be configured. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-06-000007 - The system must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the system. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | ACCESS CONTROL |
| ESXI-06-000034 - The system must disable the Managed Object Browser (MOB). | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-000041 - The system must set a timeout to automatically disable idle sessions after a predetermined period. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | ACCESS CONTROL |
| ESXI-06-000042 - The system must terminate shell services after a predetermined period. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | ACCESS CONTROL |
| ESXI-06-000046 - The system must configure NTP time synchronization. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-06-000050 - The system must protect the confidentiality and integrity of transmitted information by protecting IP based management traffic. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000052 - The system must protect the confidentiality and integrity of transmitted information by utilizing different TCP/IP stacks where possible. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000053 - SNMP must be configured properly. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-000057 - The system must configure the firewall to block network traffic by default - Incoming | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000059 - The virtual switch Forged Transmits policy must be set to reject. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000066 - The non-negotiate option must be configured for trunk links between external physical switches and virtual switches in VST mode. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-000071 - The system must verify the integrity of the installation media before installing ESXi. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-100004 - The VMM must support the capability to centrally review and analyze audit records from multiple components within the system by configuring remote logging. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-06-100043 - The VMM must automatically terminate a user session after inactivity timeouts have expired or at shutdown. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | ACCESS CONTROL |
| ESXI-06-200004 - The VMM must protect audit information from unauthorized modification by configuring remote logging. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-06-200040 - The VMM must electronically verify Personal Identity Verification (PIV) credentials. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-300038 - The VMM must implement replay-resistant authentication mechanisms for network access to non-privileged accounts by using the vSphere Authentication Proxy. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-400004 - The VMM must off-load audit records onto a different system or media than the system being audited by configuring remote logging. | DISA VMware vSphere ESXi 6.0 STIG v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| IIST-SI-000242 - The IIS 10.0 private website must employ cryptographic mechanisms (TLS) and require client certificates. | DISA IIS 10.0 Site v2r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SV-000140 - Warning and error messages displayed to clients must be modified to minimize the identity of the IIS 10.0 web server, patches, loaded modules, and directory paths. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000156 - All accounts installed with the IIS 10.0 web server software and tools must have passwords assigned and default passwords changed. | DISA IIS 10.0 Server v3r6 | Windows | CONFIGURATION MANAGEMENT |
| IIST-SV-000156 - All accounts installed with the IIS 10.0 web server software and tools must have passwords assigned and default passwords changed. | DISA IIS 10.0 Server v2r10 | Windows | CONFIGURATION MANAGEMENT |
| IIST-SV-000215 - ASP.NET version must be removed from the HTTP Response Header information. | DISA IIS 10.0 Server v3r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000215 - ASP.NET version must be removed from the HTTP Response Header information. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IISW-SI-000205 - The enhanced logging for each IIS 8.5 website must be enabled and capture, record, and log all content related to a user session | DISA IIS 8.5 Site v2r9 | Windows | AUDIT AND ACCOUNTABILITY |
| IISW-SI-000216 - The IIS 8.5 website must have resource mappings set to disable the serving of certain file types. | DISA IIS 8.5 Site v2r9 | Windows | CONFIGURATION MANAGEMENT |
| IISW-SI-000220 - A private websites authentication mechanism must use client certificates to transmit session identifier to assure integrity. | DISA IIS 8.5 Site v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SI-000235 - The Idle Time-out monitor for each IIS 8.5 website must be enabled. | DISA IIS 8.5 Site v2r9 | Windows | ACCESS CONTROL |
| IISW-SI-000244 - IIS 8.5 website session IDs must be sent to the client using TLS. | DISA IIS 8.5 Site v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SI-000251 - The IIS 8.5 website must have a unique application pool. | DISA IIS 8.5 Site v2r9 | Windows | CONFIGURATION MANAGEMENT |
| IISW-SV-000137 - The production IIS 8.5 web server must utilize SHA2 encryption for the Machine Key. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000140 - Warning and error messages displayed to clients must be modified to minimize the identity of the IIS 8.5 web server, patches, loaded modules, and directory paths. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IISW-SV-000156 - All accounts installed with the IIS 8.5 web server software and tools must have passwords assigned and default passwords changed. | DISA IIS 8.5 Server v2r7 | Windows | CONFIGURATION MANAGEMENT |
| NIST_macOS_Monterey_All_Profiles_v1.0.0.audit from NIST macOS Monterey v1.0.0 | NIST macOS Monterey v1.0.0 - All Profiles | Unix | |
| SP13-00-000060 - SharePoint must reject or delay, as defined by the organization, network traffic generated above configurable traffic volume thresholds - ConnectionTimeout | DISA Microsoft SharePoint 2013 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| SP13-00-000060 - SharePoint must reject or delay, as defined by the organization, network traffic generated above configurable traffic volume thresholds - maxBandwidth | DISA Microsoft SharePoint 2013 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| SP13-00-000060 - SharePoint must reject or delay, as defined by the organization, network traffic generated above configurable traffic volume thresholds - maxConnections | DISA Microsoft SharePoint 2013 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
