| 2.1.1.4 Ensure ntp is configured - restrict -6 | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.2 Ensure ntp is configured - restrict -6 | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.2 Ensure ntp is configured - restrict -6 | CIS Debian 8 Workstation L1 v2.0.2 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.2 Ensure ntp is configured - restrict -6 | CIS Debian 9 Server L1 v1.0.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.2 Ensure ntp is configured - restrict -6 | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.2 Ensure ntp is configured - restrict -6 | CIS Amazon Linux v2.1.0 L1 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.1.3 Ensure ntp is configured - restrict -6 | CIS CentOS 6 Server L1 v3.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.3 Ensure ntp is configured - restrict -6 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.3 Ensure ntp is configured - restrict -6 | CIS Oracle Linux 6 Server L1 v2.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 2.2.1.4 Ensure ntp is configured - restrict -6 | CIS Ubuntu Linux 18.04 LXD Host L1 Server v1.0.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 4.4.2.2.3 Ensure password length is configured | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.4.2.2.3 Ensure password length is configured | CIS Red Hat Enterprise Linux 7 v4.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.4.3.2.2 Ensure password length is configured | CIS Oracle Linux 8 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 4.4.3.2.2 Ensure password length is configured | CIS AlmaLinux OS 8 Server L1 v3.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.2.2.3 Ensure password length is configured | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.2.2.3 Ensure password length is configured | CIS SUSE Linux Enterprise 15 v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure password length is configured | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure password length is configured | CIS Oracle Linux 9 v2.0.0 L1 Server | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.3.2.2 Ensure password length is configured | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler exists inin default) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in default) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in default) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in web application) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if java.util.logging.ConsoleHandler logging is enabled in web application) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in default) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in default) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler exists in web application) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in default) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in web application) | CIS Apache Tomcat 7 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties (check if org.apache.juli.FileHandler logging is enabled in web application) | CIS Apache Tomcat 7 L1 v1.1.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| DTBI091-IE11 - Java permissions must be configured with High Safety (Trusted Sites zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTOO111 - The Internet Explorer Bind to Object functionality must be enabled. | DISA STIG Microsoft Groove 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - The Saved from URL mark must be selected to enforce Internet zone processing. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Add-on Management functionality must be allowed. | DISA STIG Microsoft Groove 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - File downloads must be configured for proper restrictions. | DISA STIG Microsoft Groove 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000010 - The FortiGate device must automatically audit account modification | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000045 - The FortiGate device must enforce the limit of three consecutive invalid logon attempts, after which time it must lock out the user account from accessing the device for 15 minutes | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000050 - The FortiGate device must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000090 - The FortiGate device must generate audit records when concurrent logons from different workstations occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000100 - The FortiGate device must generate audit records containing the full-text recording of privileged commands. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000160 - The FortiGate device must enforce access restrictions associated with changes to the system components. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000185 - The FortiGate device must support organizational requirements to conduct backups of information system documentation, including security-related documentation, when changes occur or weekly, whichever is sooner. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| FGFW-ND-000190 - FortiGate devices performing maintenance functions must restrict use of these functions to authorized personnel only. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT, MAINTENANCE |
| FGFW-ND-000195 - The FortiGate device must use DoD-approved Certificate Authorities (CAs) for public key certificates. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000210 - The FortiGate device must authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000215 - The FortiGate device must authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000240 - The FortiGate device must enforce password complexity by requiring that at least one special character be used. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000250 - The FortiGate device must not have any default manufacturer passwords when deployed. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000290 - The FortiGate device must protect against known types of denial-of-service (DoS) attacks by employing organization-defined security safeguards. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
