| APPL-14-002060 The macOS system must apply gatekeeper settings to block applications from unidentified developers. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-002064 The macOS system must enable Gatekeeper. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-001100 - The macOS system must disable root login for SSH. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Disable the Guest Account | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| DTAM141 - McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee files and settings. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Word 2013 v1r7 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Excel 2013 v1r8 | Windows | CONFIGURATION MANAGEMENT |
| DTOO413 - Users must be prevented from using or inserting apps that come from the Office Store. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | CONFIGURATION MANAGEMENT |
| ESXI-06-000047 - The Image Profile and VIB Acceptance Levels must be verified. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-100001 - The system must enable lockdown mode to restrict remote access. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| EX19-ED-000053 - Exchange local machine policy must require signed scripts. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EX19-MB-000061 - Exchange local machine policy must require signed scripts. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| FGFW-ND-000160 - The FortiGate device must enforce access restrictions associated with changes to the system components. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| GEN001200 - All system command files must have mode 0755 or less permissive - '/bin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001200 - All system command files must have mode 0755 or less permissive - '/sbin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001200 - All system command files must have mode 0755 or less permissive - '/usr/lbin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001200 - All system command files must have mode 0755 or less permissive - '/usr/usb/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001200 - All system command files must have mode 755 or less permissive - /etc/* | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001200 - All system command files must have mode 755 or less permissive - /usr/bin/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001200 - All system command files must have mode 755 or less permissive - /usr/lbin/* | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001200 - All system command files must have mode 755 or less permissive - /usr/ucb/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001210 - All system command files must not have extended ACLs - '/bin' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001210 - All system command files must not have extended ACLs - '/usr/bin' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001210 - All system command files must not have extended ACLs. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/bin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/etc/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/usr/bin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/usr/lbin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - '/usr/sbin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - /sbin/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - /usr/lbin/* | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - /usr/ucb/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001220 - All system files, programs, and directories must be owned by a system account - /usr/ucb/* | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - '/bin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - '/etc/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - '/usr/bin/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - /usr/bin/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - /usr/lbin/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001240 - System files, programs, and directories must be group-owned by a system group - /usr/ucb/* | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001300 - Library files must have mode 0755 or less permissive - /lib/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001300 - Library files must have mode 0755 or less permissive - /usr/lib/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001300 - Library files must have mode 0755 or less permissive - /usr/sfw/lib/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001300 - Library files must have mode 0755 or less permissive - /usr/sfw/lib/* | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002760-7 - The audit system must be configured to audit all administrative, privileged, and security actions - 'sethostname' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002760-8 - The audit system must be configured to audit all administrative, privileged, and security actions - 'setdomain' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002760-9 - The audit system must be configured to audit all administrative, privileged, and security actions - 'sched_setparam' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010370 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components from a repository without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010372 - RHEL 8 must prevent the loading of a new kernel for later execution. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-214025 - RHEL 9 must have GPG signature verification enabled for all software repositories. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010430 - The SUSE operating system tool zypper must have gpgcheck enabled. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
