| 3.084 - The system is configured to use an unauthorized time server. - 'NTPServer' | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| AIOS-18-012400 - Apple iOS/iPadOS 18 must not allow unmanaged apps to read contacts from managed contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016200 - Apple iOS/iPadOS 18 must disable the use of voice assistant (Show user-generated content in Siri) unless required to meet Section 508 compliance requirements. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016300 - Apple iOS/iPadOS 18 must disable the use of voice assistant (Siri suggestions) unless required to meet Section 508 compliance requirements. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016600 - Apple iOS/iPadOS 18 must disable AirPrint. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016600 - Apple iOS/iPadOS 18 must disable AirPrint. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016700 - Apple iOS/iPadOS 18 must disable AirPrint: Allow discovery of AirPrint printers using iBeacons. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016700 - Apple iOS/iPadOS 18 must disable AirPrint: Allow discovery of AirPrint printers using iBeacons. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016900 - Apple iOS/iPadOS 18 must enable AirPrint feature: Disallow AirPrint to destinations with untrusted certificates. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017100 - Apple iOS/iPadOS 18 must disable Allowed Content Ratings (TV Shows). | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017300 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: Image Generation. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017400 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: generate new Genmoji. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| ARST-RT-000070 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000780 - The Arista router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | CONFIGURATION MANAGEMENT |
| CISC-RT-000236 - The Cisco router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA Cisco IOS XE Router RTR STIG v3r3 | Cisco | CONFIGURATION MANAGEMENT |
| ESXI-80-000210 - The ESXi host Secure Shell (SSH) daemon must set a timeout count on idle sessions. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| FFOX-00-000015 - Firefox development tools must be disabled. | DISA STIG Mozilla Firefox Linux v6r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| FFOX-00-000015 - Firefox development tools must be disabled. | DISA STIG Mozilla Firefox MacOS v6r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GOOG-15-007700 - Google Android 15 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-15-010900 - Android 15 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-011000 - Android 15 devices must be configured to enable Common Criteria (CC) Mode - CC Mode. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-011000 - Android 15 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-011000 - Android 15 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-15-012400 - Google Android 15 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| GOOG-15-012400 - Google Android 15 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub - MDM to perform the following management function: Disable Phone Hub. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-13-007700 - Honeywell Android 13 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | ACCESS CONTROL |
| MSFT-11-005200 - The mobile operating system must allow only the Administrator (MDM) to perform the following management function: Enable/disable location services. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL |
| OL08-00-010473 - OL 8 must enable the hardware random number generator entropy gatherer service. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040026 - OL 8 must disable IEEE 1394 (FireWire) Support. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040180 - OL 8 must disable the debug-shell systemd service. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000112 The Photon operating system must immediately notify the SA and ISSO when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030601 - RHEL 8 must enable auditing of processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030602 - RHEL 8 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030603 - RHEL 8 must enable Linux audit logging for the USBGuard daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-030741 - RHEL 8 must disable the chrony daemon from acting as a server. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-030742 - RHEL 8 must disable network management of the chrony daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040004 - RHEL 8 must enable mitigations against processor-based vulnerabilities. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040200 - A separate file system must be used for SUSE operating system user home directories (such as /home or an equivalent). | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SQL2-00-012600 - SQL Server itself, or the logging or alerting mechanism the application utilizes, must provide a warning when allocated audit record storage volume reaches an organization-defined percentage of maximum audit record storage capacity. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010510 - The Ubuntu operating system must restrict access to the kernel message buffer. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-213010 - Ubuntu 22.04 LTS must restrict access to the kernel message buffer. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-215015 - Ubuntu 22.04 LTS must have the "chrony" package installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-252020 - Ubuntu 22.04 LTS must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC). | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900920 - Ubuntu 24.04 LTS must allocate audit record storage capacity to store at least one week's worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900980 - Ubuntu 24.04 LTS must alert the system administrator (SA) and information system security officer (ISSO) (at a minimum) in the event of an audit processing failure. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WN11-CC-000030 - The system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000197 - Microsoft consumer experiences must be turned off. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000390 - Windows 11 must be configured to prevent users from receiving suggestions for third-party or additional applications. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000085 - Caching of logon credentials must be limited. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000260 - Windows Server 2022 Windows Update must not obtain updates from other PCs on the internet. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
