| AIOS-18-006950 - Apple iOS/iPadOS 18 must be configured to enforce a passcode reuse prohibition of at least two generations. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037640 - AlmaLinux OS 9 must be configured so that interactive user account passwords are using strong password hashes. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-11-002031 - The macOS system must be configured to disable the system preference pane for Apple ID. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002031 - The macOS system must be configured to disable the system preference pane for Apple ID. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002060 - The macOS system must apply gatekeeper settings to block applications from unidentified developers. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| CASA-ND-001150 - The Cisco ASA must be configured to implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions. | DISA STIG Cisco ASA NDM v2r2 | Cisco | MAINTENANCE |
| EPAS-00-004250 - If DBMS authentication, using passwords, is employed, EDB Postgres Advanced Server must enforce the DOD standards for password complexity and lifetime. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000245 - The FortiGate device must use LDAPS for the LDAP connection. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| GEN000100 - The operating system must be a supported release. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN001640 - Run control scripts must not execute world-writable programs or scripts. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'shosts.equiv' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'shosts.equiv' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004220 - Administrative accounts must not run a web browser, except as needed for local service administration. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004220 - Administrative accounts must not run a web browser, except as needed for local service administration. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004400 - Files executed through an aliases file must be owned by root and reside within a directory owned and writable only by root. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004600 - The SMTP service must be an up-to-date version - 'postfix' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004600 - The SMTP service must be an up-to-date version - 'sendmail' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/etc/aliases decode alias does not exist' | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/etc/aliases uudecode alias does not exist' | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/etc/aliases' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/usr/lib/aliases decode alias does not exist' | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/usr/lib/aliases' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN005000 - Anonymous FTP accounts must not have a functional shell. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005080 - The TFTP daemon must operate in 'secure mode' which provides access only to a single directory on the host file system. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005200 - X displays must not be exported to the world. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN008640 - The system must not use removable media as the boot loader - 'both' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN008660 - For using GRUB, the system must be configured with GRUB as the default unless another boot loader has been authorized. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GOOG-15-012500 - Google Android 15 must be configured to disable 'Private Space' use. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| JUEX-NM-000510 - The Juniper EX switches must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of nonlocal maintenance and diagnostic communications. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | MAINTENANCE |
| MD4X-00-002950 - If passwords are used for authentication, MongoDB must implement LDAP or Kerberos for authentication to enforce the DoD standards for password complexity and lifetime. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-003100 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD7X-00-000200 MongoDB must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | ACCESS CONTROL |
| O19C-00-008000 - The Oracle Database software installation account must be restricted to authorized users. | DISA Oracle Database 19c STIG v1r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 19c STIG v1r1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-40-000039 The operating system must store only encrypted representations of passwords. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-40-000040 The Photon operating system must not have the telnet package installed. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SHPT-00-000683 - SharePoint-specific malware (i.e., anti-virus) software must be integrated and configured - 'Scan Documents on Download is enabled' | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000683 - SharePoint-specific malware (i.e., anti-virus) software must be integrated and configured - 'Scan Documents on Upload is enabled' | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-NM-000260 - Symantec ProxySG must transmit only encrypted representations of passwords - HTTP-Console Disabled | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| VCPG-67-000014 - VMware Postgres must enforce authorized access to all PKI private keys. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-70-000012 - VMware Postgres must enforce authorized access to all public key infrastructure (PKI) private keys. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN11-00-000030 - Windows 11 information systems must use BitLocker to encrypt all disks to protect the confidentiality and integrity of all information at rest. | DISA Microsoft Windows 11 STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000180 - Autoplay must be turned off for non-volume devices. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN22-DC-000080 - Windows Server 2022 Active Directory SYSVOL directory must have the proper access control permissions. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
