| 1.12 WN16-00-000140 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.43.16 (L1) Ensure 'Configure detection for potentially unwanted applications' is set to 'Enabled: Block' | CIS Microsoft Windows Server 2016 v4.0.0 L1 MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM104 - McAfee VirusScan On-Access Default Processes Policies must be configured to find unknown unwanted programs and trojans. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-102 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown program viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN002720-2 - The audit system must be configured to audit failed attempts to access files and programs - '-S open -F exit=-EACCES' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN002720-2 - The audit system must be configured to audit failed attempts to access files and programs - '-S open -F exit=-EACCES' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002720-2 - The audit system must be configured to audit failed attempts to access files and programs - '-S open -F exit=-EPERM' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN002720-2 - The audit system must be configured to audit failed attempts to access files and programs - '-S open -F exit=-EPERM' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002720-3 - The audit system must be configured to audit failed attempts to access files and programs - '-S openat -F exit=-EACCES' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN002720-3 - The audit system must be configured to audit failed attempts to access files and programs - '-S openat -F exit=-EACCES' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002720-3 - The audit system must be configured to audit failed attempts to access files and programs - '-S openat -F success=0' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002720-4 - The audit system must be configured to audit failed attempts to access files and programs - '-S truncate -F exit=-EACCES' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN002720-4 - The audit system must be configured to audit failed attempts to access files and programs - '-S truncate -F exit=-EPERM' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN002720-4 - The audit system must be configured to audit failed attempts to access files and programs - '-S truncate -F exit=-EPERM' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002720-4 - The audit system must be configured to audit failed attempts to access files and programs - '-S truncate -F success=0' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002720-5 - The audit system must be configured to audit failed attempts to access files and programs - '-S ftruncate -F exit=-EACCES' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN002720-5 - The audit system must be configured to audit failed attempts to access files and programs - '-S ftruncate -F exit=-EACCES' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002720-5 - The audit system must be configured to audit failed attempts to access files and programs - '-S ftruncate -F exit=-EPERM' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN002720-5 - The audit system must be configured to audit failed attempts to access files and programs - '-S ftruncate -F success=0' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| HP ProCurve - 'Configure login attempts' | TNS HP ProCurve | HPProCurve | ACCESS CONTROL |
| HP ProCurve - 'Disable TFTP server' | TNS HP ProCurve | HPProCurve | CONFIGURATION MANAGEMENT |
| Install a trusted certificate in place of the default self-signed SSL certificate | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Restrict allowed IPv4 addresses used by each VM guest | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Ensure default 'admin' username is not used | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - Anti-Spyware - WLAN | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - AutoDownload Firmware - Enabled | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Flood Protection - Layer 3 - Attack Threshold | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Flood Protection - Layer 3 - Protection Mode | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - Login Banner - Trusted Zone | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Password Policy - Affected User types | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - Password Policy - Affected User types - limited-admins | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - Password Policy - Change Period <=30 days | TNS SonicWALL v5.9 | SonicWALL | IDENTIFICATION AND AUTHENTICATION |
| SonicWALL - PW Policy - Lockout - Num Attempts <=3 | TNS SonicWALL v5.9 | SonicWALL | ACCESS CONTROL |
| SonicWALL - Security Services - IDP - Activated | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - SSL Control - Enable Blacklist | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND INFORMATION INTEGRITY |
| SonicWALL - Unused Interfaces | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Use non default admin access ports - HTTPS | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - Web Interface - Does not use self-signed cert | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
| Use a static IP on the storage network interface | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| XenServer - All network interfaces are operating in full-duplex mode | TNS Citrix XenServer | Unix | |
| XenServer - Auto-start is not enabled | TNS Citrix XenServer | Unix | |
| XenServer - Enable QoS on all VM guests | TNS Citrix XenServer | Unix | |
| XenServer - Host is enabled | TNS Citrix XenServer | Unix | |
| XenServer - Passwords stored in 'secrets' are not visible | TNS Citrix XenServer | Unix | |
| XenServer - Restrict allowed IPv4 addresses used by each VM guest | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - Use a static IP on the management network interface | TNS Citrix XenServer | Unix | |
