| 3.084 - The system is configured to use an unauthorized time server. - 'NTPServer' | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| ADBP-XI-001305 - Adobe Acrobat Pro XI Webmail must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| ADBP-XI-001310 - The Adobe Acrobat Pro XI Welcome Screen must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-18-010850 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of iPhone widgets on Mac. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-013100 - Apple iOS/iPadOS 18 must disable 'Find My Friends' in the 'Find My' app - Find My app. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| CISC-RT-000236 - The Cisco router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA STIG Cisco IOS Router RTR v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| ESXI-80-000210 - The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| F5BI-DM-000290 - If the BIG-IP appliance is being used to authenticate users for web applications, the HTTPOnly flag must be set. | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| FFOX-00-000015 - Firefox development tools must be disabled. | DISA STIG Mozilla Firefox Linux v6r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| FFOX-00-000015 - Firefox development tools must be disabled. | DISA STIG Mozilla Firefox MacOS v6r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GOOG-13-007700 - Google Android 13 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Google Android 13 COPE v2r2 | MDM | ACCESS CONTROL |
| GOOG-14-010900 - Android 14 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Google Android 14 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-007700 - Google Android 15 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-010900 - Android 15 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-011000 - Android 15 devices must be configured to enable Common Criteria (CC) Mode - CC Mode. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-011000 - Android 15 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-011000 - Android 15 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-012400 - Google Android 15 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-012400 - Google Android 15 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000110 - The Juniper router must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000260 - The Juniper router must be configured to log all packets that have been dropped. | DISA Juniper EX Series Router v2r1 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-RT-000670 - The Juniper PE router must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010292 - The OL 8 SSH server must be configured to use strong entropy. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010376 - OL 8 must prevent kernel profiling by unprivileged users. | DISA Oracle Linux 8 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-030742 - OL 8 must disable network management of the chrony daemon. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-030601 - RHEL 8 must enable auditing of processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030602 - RHEL 8 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030603 - RHEL 8 must enable Linux audit logging for the USBGuard daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040004 - RHEL 8 must enable mitigations against processor-based vulnerabilities. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-211035 - RHEL 9 must enable the hardware random number generator entropy gatherer service. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231020 - RHEL 9 must use a separate file system for /var. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-231030 - RHEL 9 must use a separate file system for the system audit data path. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-15-040050 - The SUSE operating system file integrity tool must be configured to verify extended attributes. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010510 - The Ubuntu operating system must restrict access to the kernel message buffer. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010400 - The Ubuntu operating system must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | ACCESS CONTROL |
| UBTU-24-100020 - Ubuntu 24.04 LTS must not have the "ntp" package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-100700 - Ubuntu 24.04 LTS must have the "chrony" package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-901220 - Ubuntu 24.04 LTS must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VMCH-70-000001 - Copy operations must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000003 - Paste operations must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - notification | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000660 - The WebSphere Application Server must shut down by default upon log failure (unless availability is an overriding concern). | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000940 - The WebSphere Application Server must remove JREs left by web server and plug-in installers in the DMZ. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WBSP-AS-001470 - The WebSphere Application Server must be configured to perform complete application deployments when using A/B clusters. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001580 - The WebSphere Application Server memory session settings must be defined according to application load requirements. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000175 - The Application Compatibility Program Inventory must be prevented from collecting data and sending the information to Microsoft. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000206 - Windows Update must not obtain updates from other PCs on the internet. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000260 - Windows Server 2022 Windows Update must not obtain updates from other PCs on the internet. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
