| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 11 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.2.2 Ensure the latest software package is installed | CIS NGINX Benchmark v2.1.0 L1 Proxy | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure the latest software package is installed | CIS NGINX Benchmark v2.1.0 L1 Loadbalancer | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure the latest software package is installed | CIS NGINX Benchmark v2.1.0 L1 Webserver | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.3 Ensure Installation of Community Packages | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.19 Set 'Require client MAPI encryption' to 'True' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.19 Set 'Require client MAPI encryption' to 'True' | CIS Microsoft Exchange Server 2013 CAS v1.1.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.3 Remove X Windows - /etc/inittab- id:3:initdefault: | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 3.3 Remove X Windows - X Window System | CIS Red Hat Enterprise Linux 5 L1 v2.2.1 | Unix | CONFIGURATION MANAGEMENT |
| 4 - Send logs to a remote server | TNS Best Practice JBoss 7 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 7 - File system permissions of log files | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| Adtran : Disable WEP security mode | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : Enable security mode on virtual access point (VAP) | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| AMLS-L2-000130 - The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based - aaa authentication dot1x default group | DISA STIG Arista MLS DCS-7000 Series L2S v1r3 | Arista | IDENTIFICATION AND AUTHENTICATION |
| AMLS-L2-000130 - The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based - dot1x system-auth-control | DISA STIG Arista MLS DCS-7000 Series L2S v1r3 | Arista | IDENTIFICATION AND AUTHENTICATION |
| AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x reauthentication | DISA STIG Arista MLS DCS-7000 Series L2S v1r3 | Arista | IDENTIFICATION AND AUTHENTICATION |
| AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x timeout reauth-period 3600 | DISA STIG Arista MLS DCS-7000 Series L2S v1r3 | Arista | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Must authenticate peripherals before establishing a connection | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Must authenticate peripherals before establishing a connection | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Must authenticate peripherals before establishing a connection | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Must authenticate peripherals before establishing a connection | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | IDENTIFICATION AND AUTHENTICATION |
| Catalina - Must authenticate peripherals before establishing a connection | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| DISA_STIG_JBoss_EAP_6.3_v2r5.audit from DISA JBoss Enterprise Application Platform 6.3 v2r5 STIG | DISA JBoss EAP 6.3 STIG v2r5 | Unix | |
| GEN004600 - The SMTP service must be an up-to-date version - 'postfix' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004600 - The SMTP service must be an up-to-date version - 'sendmail' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004620 - The Sendmail server must have the debug feature disabled. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000110 - JBoss must be configured to produce log records containing information to establish what type of events occurred. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000120 - JBoss must be configured to produce log records that establish which hosted application triggered the events. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000125 - JBoss must be configured to record the IP address and port information used by management interface network traffic. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000235 - JBoss QuickStarts must be removed - JBoss QuickStarts must be removed. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000265 - The JBoss Server must be configured to use certificates to authenticate admins. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000275 - The JBoss server must be configured to use individual accounts and not generic or shared accounts. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000305 - LDAP enabled security realm value allow-empty-passwords must be set to false. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000310 - JBoss must utilize encryption when using LDAP for authentication. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000320 - The JBoss server must be configured to restrict access to the web servers private key to authenticated system administrators. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000470 - Network access to HTTP management must be disabled on domain-enabled application servers not designated as the domain controller. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | ACCESS CONTROL |
| JBOS-AS-000545 - Production JBoss servers must not allow automatic application deployment. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000640 - The JBoss server, when hosting mission critical applications, must be in a high-availability (HA) cluster. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000680 - Production JBoss servers must be supported by the vendor. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JBOS-AS-000685 - The JRE installed on the JBoss server must be kept up to date. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JBOS-AS-000690 - JBoss must be configured to generate log records when successful/unsuccessful attempts to modify privileges occur. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000700 - JBoss must be configured to generate log records when successful/unsuccessful logon attempts occur. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000705 - JBoss must be configured to generate log records for privileged activities. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000710 - JBoss must be configured to generate log records that show starting and ending times for access to the application server management interface. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000720 - JBoss must be configured to generate log records for all account creations, modifications, disabling, and termination events. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| Monterey - Must authenticate peripherals before establishing a connection | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | IDENTIFICATION AND AUTHENTICATION |
| Monterey - Must authenticate peripherals before establishing a connection | NIST macOS Monterey v1.0.0 - All Profiles | Unix | IDENTIFICATION AND AUTHENTICATION |
| TNS_Best_Practice_RedHat_JBoss_v7_Linux.audit from TNS Best Practice JBoss 7 Linux | TNS Best Practice JBoss 7 Linux | Unix | |
| WN12-00-000220 - Windows PowerShell 2.0 must not be installed on Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000220 - Windows PowerShell 2.0 must not be installed on Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
