| DTAM171 - (U) McAfee VirusScan must have the current security patches installed. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ESXI-06-100047 - The VMM must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs and guest VMs by verifying Image Profile and VIP Acceptance Levels. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| GEN000000-AIX00080 - The SYSTEM attribute must not be set to NONE for any account. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| GEN000100 - The operating system must be a supported release. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN000560 - The system must not have accounts configured with blank or null passwords. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN000560 - The system must not have accounts configured with blank or null passwords. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN001100 - Root passwords must never be passed over a network in clear text form - 'root has logged in over a network' | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN001100 - Root passwords must never be passed over a network in clear text form - 'ssh is running' | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.rhosts' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.shosts' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN003840 - The rexec daemon must not be running. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN003840 - The rexec daemon must not be running. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN004600 - The SMTP service must be an up-to-date version. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN004600 - The SMTP service must be an up-to-date version. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN004620 - The Sendmail server must have the debug feature disabled. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN004620 - The sendmail server must have the debug feature disabled. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN004640 - The SMTP service must not have a uudecode alias active. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005000 - Anonymous FTP accounts must not have a functional shell. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005080 - The TFTP daemon must operate in secure mode which provides access only to a single directory on the host file system - secure mode which provides access only to a single directory on the host file system. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN005080 - The TFTP daemon must operate in secure mode which provides access only to a single directory on the host file system. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005080 - The TFTP daemon must operate in secure mode which provides access only to a single directory on the host file system. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default - /etc/sma/snmp/snmpd.conf | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default - /etc/snmp/conf/snmpd.conf | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default - /usr/sfw/lib/sma_snmp/snmpd.conf | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default - /usr/sfw/lib/sma_snmp/snmpd.conf | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default - /var/sma_snmp/snmpd.conf | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default - /var/sma_snmp/snmpd.conf | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN008600 - The system must be configured to only boot from the system boot device. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN008600 - The system must be configured to only boot from the system boot device. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN008640 - The system must not use removable media as the boot loader. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN008640 - The system must not use removable media as the boot loader. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN008640 - The system must not use removable media as the boot loader. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN008660 - For systems capable of using GRUB, the system must be configured with GRUB as the default boot loader unless another boot loader has been authorized, justified, and documented using site-defined procedures. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN008660 - For systems capable of using GRUB, the system must be configured with GRUB as the default boot loader unless another boot loader has been authorized, justified, and documented using site-defined procedures. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN008680 - If the system boots from removable media, it must be stored in a safe or similarly secured container. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN008700 - The system boot loader must require authentication - '/boot/grub/grub.conf' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN008700 - The system boot loader must require authentication - '/boot/grub/menu.lst' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN008700 - The system boot loader must require authentication. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| JUEX-NM-000330 - The Juniper EX switch must be configured to only store cryptographic representations of passwords. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010371 - OL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | DISA Oracle Linux 8 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010371 - RHEL 8 must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010430 - The SUSE operating system tool zypper must have gpgcheck enabled. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| VMCH-06-000007 - The system must not use independent, non-persistent disks. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| WN22-CC-000430 - Windows Server 2022 must disable the Windows Installer Always install with elevated privileges option. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-SO-000300 - Windows Server 2022 must be configured to prevent the storage of the LAN Manager hash of passwords. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
