| 2.0 Install & Config - 'Disable FTP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable NDMP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable RSH' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable SNMPv1' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Disable TFTP' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.0 Install & Config - 'Enable FilerView HTTPS' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.1 Enable Secure Admin Access - 'autologout.telnet.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'ssh.idle.timeout <= 60' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.1 Enable Secure Admin Access - 'ssh.port = 22' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.2 Disable/Modify Default Accts - 'security.passwd.rootaccess.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 2.4 Password Security - 'maximum password age <= 90' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.firstlogin.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.4 Password Security - 'security.passwd.rules.maximum >= 14' | TNS NetApp Data ONTAP 7G | NetApp | IDENTIFICATION AND AUTHENTICATION |
| 2.7 Network & IP Options - 'ip.fastpath.enable = off' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.7 Network & IP Options - 'ip.icmp_ignore_redirect.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 2.8 Protocol Access Controls - 'httpd.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'interface.blocked.snapmirror has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.8 Protocol Access Controls - 'snmp.access has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Data ONTAP (Software) Mgmt - 'Set SSH login banner' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 4.3.1 Restrict Access to SYSIBM.SYSAUDITPOLICIES | CIS IBM DB2 11 v1.2.0 Database Level 1 | IBM_DB2DB | ACCESS CONTROL, MEDIA PROTECTION |
| 5.1 MultiStore - 'MultiStore protocol is disabled' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.2 SnapMirror - 'replication.throttle.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2 SnapMirror - 'snapmirror.allow file should be reviewed' | TNS NetApp Data ONTAP 7G | NetApp | |
| 5.3 SnapVault - 'SnapVault protocol is disabled' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 5.4 CIFS - 'cifs.audit.autosave.ontime.interval has been configured' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.4 CIFS - 'cifs.LMCompatibilityLevel <= 3' | TNS NetApp Data ONTAP 7G | NetApp | ACCESS CONTROL |
| 5.4 CIFS - 'cifs.smb2.signing.required = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'dns.update.enable = on or secure' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'ldap.security.level = 1 or 2' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'ldap.ssl.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4 CIFS - 'timed.servers has been configured' | TNS NetApp Data ONTAP 7G | NetApp | AUDIT AND ACCOUNTABILITY |
| 5.5 NFS - 'nfs.kerberos.file_keytab.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5 NFS - 'nfs.v4.write_delegation = on' | TNS NetApp Data ONTAP 7G | NetApp | CONFIGURATION MANAGEMENT |
| 6.1 Restrict Access to SYSCAT.AUDITPOLICIES | CIS IBM DB2 9 Benchmark v3.0.1 Level 1 DB | IBM_DB2DB | ACCESS CONTROL |
| 6.1 Restrict Access to SYSCAT.AUDITPOLICIES | CIS IBM DB2 9 Benchmark v3.0.1 Level 2 DB | IBM_DB2DB | ACCESS CONTROL |
| AIOS-18-017700 - DOD Apple iOS/iPadOS 18 devices must have a Mobile Threat Detection (MTD) app installed. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIX7-00-002144 - The AIX /etc/syslog.conf file must be owned by root. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002145 - The AIX /etc/syslog.conf file must be group-owned by system. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-045340 - AlmaLinux OS 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| DG0095-ORACLE11 - Audit trail data should be reviewed daily or more frequently. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| JUSX-AG-000146 - The Juniper SRX Services Gateway Firewall must generate an alert to, at a minimum, the ISSO and ISSM when unusual/unauthorized activities or conditions are detected during continuous monitoring of communications traffic as it traverses inbound or outbound across internal security boundaries. | DISA Juniper SRX Services Gateway ALG v3r3 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| SLES-12-010510 - The SUSE operating system must notify the System Administrator (SA) when AIDE discovers anomalies in the operation of any security functions. | DISA SLES 12 STIG v3r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 104' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 108' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 117' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 129' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 134' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 152' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-013400 - SQL Server must audit attempts to bypass access controls - 'Event ID 175' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| WN22-00-000120 - Windows Server 2022 must have a host-based intrusion detection or prevention system. | DISA Microsoft Windows Server 2022 STIG v2r5 | Windows | CONFIGURATION MANAGEMENT |
