| 5.206 - Network - Windows Connect Now Wireless Configuration - DisableUPnPRegistrar | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.206 - Network - Windows Connect Now Wireless Configuration - DisableWPDRegistrar | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.219 - Order Prints Online | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.1 (L2) Ensure 'Turn off access to the Store' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| DG0005-ORACLE11 - Only necessary privileges to the host system should be granted to DBA OS accounts - 'DBA user group members' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG0011-ORACLE11 - Configuration management procedures should be defined and implemented for database software modifications. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0013-ORACLE11 - Database backup procedures should be defined, documented and implemented. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0053-ORACLE11 - A single database connection configuration file should not be used to configure all database clients. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0064-ORACLE11 - DBMS backup and restoration files should be protected from unauthorized access. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0093-ORACLE11 - Remote adminstrative connections to the database should be encrypted - 'Remote admin connections are encrypted' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DG0099-ORACLE11 - Access to external DBMS executables should be disabled or restricted - '$ORACLE_HOME/bin/extproc does not exist' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0101-ORACLE11 - OS accounts used to execute external procedures should be assigned minimum privileges. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0103-ORACLE11 - Network access to the DBMS must be restricted to authorized personnel - '$ORACLE_HOME/network/admin/sqlnet.ora tcp.invited_nodes is configured' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0140-ORACLE11 - Access to DBMS security data should be audited. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0157-ORACLE11 - Remote DBMS administration should be documented and authorized or disabled. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0159-ORACLE11 - Remote administrative access to the database should be monitored by the IAO or IAM. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0171-ORACLE11 - The DBMS should not have a connection defined to access or be accessed by a DBMS at a different classification level. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0191-ORACLE11 - Credentials used to access remote databases should be protected by encryption and restricted to authorized users - 'Oracle Wallet file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO0286-ORACLE11 - The Oracle INBOUND_CONNECT_TIMEOUT and SQLNET.INBOUND_CONNECT_TIMEOUT parameters should be set to a value greater than 0 - '$ORACLE_HOME/network/admin/listener.ora INBOUND_CONNECT_TIMEOUT_{listener} = 0' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO3630-ORACLE11 - The Oracle Listener should be configured to require administration authentication - 'No listeners are running' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| DO6753-ORACLE11 - Oracle Application Express or Oracle HTML DB should not be installed on a production database. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| FireEye - A scheduled system backup job is configured | TNS FireEye | FireEye | CONTINGENCY PLANNING |
| FireEye - AAA failed logins are tracked | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - AAA lockouts are enabled | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - AAA lockouts occur after at most 5 failures | TNS FireEye | FireEye | |
| FireEye - AAA tries local authentication first | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - AAA user mapping default | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Boot image must be signed | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Boot manager password is set | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - Configuration auditing logs the required number of changes | TNS FireEye | FireEye | CONFIGURATION MANAGEMENT |
| FireEye - Custom SNORT rules are enabled | TNS FireEye | FireEye | SYSTEM AND INFORMATION INTEGRITY |
| FireEye - FENet security content updates are applied automatically | TNS FireEye | FireEye | |
| FireEye - IPMI should be connected to a restricted management network | TNS FireEye | FireEye | |
| FireEye - LDAP encryption certificates are verified | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - NTP is enabled | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - Reports are run on a schedule | TNS FireEye | FireEye | AUDIT AND ACCOUNTABILITY |
| FireEye - SNMP trap hosts that use community override use a secure community string | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP traps use a secure community string | TNS FireEye | FireEye | IDENTIFICATION AND AUTHENTICATION |
| FireEye - SNMP v3 users have passwords | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - SNMP v3 uses AES instead of DES | TNS FireEye | FireEye | ACCESS CONTROL |
| FireEye - The appliance uses a trusted DNS server | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| FireEye - User connections are limited by subnet or VLAN | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 10 1909 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 10 1803 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
