| 4.8 Ensure Handler is not granted Write and Script/Execute | CIS IIS 8.0 v1.5.1 Level 1 | Windows | ACCESS CONTROL |
| 5.9 (L1) Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | CONFIGURATION MANAGEMENT |
| 5.9 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 5.9 Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 12.3 Ensure Apache AppArmor Profile is in Enforce Mode | CIS Apache HTTP Server 2.4 v2.2.0 L2 | Unix | CONFIGURATION MANAGEMENT |
| 12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | CONFIGURATION MANAGEMENT |
| 12.3 Ensure the Apache AppArmor Profile Is in Enforce Mode | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| Adtran : Ensure DHCP is Disabled unless needed | TNS Adtran AOS Best Practice Audit | Adtran | CONFIGURATION MANAGEMENT |
| AS24-U1-000670 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | ACCESS CONTROL |
| AS24-U2-000680 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | ACCESS CONTROL |
| AS24-U2-000680 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | ACCESS CONTROL |
| AS24-U2-000780 - The Apache web server application, libraries, and configuration files must only be accessible to privileged users. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | CONFIGURATION MANAGEMENT |
| AS24-W1-000670 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
| AS24-W1-000820 - The Apache web server must be protected from being stopped by a non-privileged user. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000670 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | ACCESS CONTROL |
| DTBI015 - The IE warning about certificate address mismatch must be enforced. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - WebSiteSSLEnabled | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | ACCESS CONTROL |
| JUEX-NM-000490 - The Juniper EX switch must use an an NTP service that is hosted by a trusted source or a DOD-compliant enterprise or local NTP server. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000040 - OHS must have the client requests logging module loaded to generate log records for system startup and shutdown, system access, and system authentication logging. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000045 - OHS must have a log format defined to generate adequate logs by system startup and shutdown, system access, and system authentication events. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| OH12-1X-000116 - OHS must have the LoadModule cgid_module directive disabled for mpm workers - cgid_module | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000116 - OHS must have the LoadModule cgid_module directive disabled for mpm workers - mpm_worker_module | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000118 - OHS must have the LoadModule mpm_winnt_module directive disabled - mpm_winnt_module | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000122 - OHS must have directives pertaining to certain scripting languages removed from virtual hosts. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000123 - OHS must have the LoadModule asis_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000124 - OHS must have the LoadModule imagemap_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000130 - OHS must have the LoadModule auth_basic_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000136 - OHS must have the LoadModule proxy_ftp_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000139 - OHS must have the LoadModule cern_meta_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000140 - OHS must have the LoadModule expires_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000143 - OHS must have the LoadModule setenvif_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000145 - OHS must have the LoadModule dumpio_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000147 - OHS must have the Alias /icons/ directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000308 - OHS must have the LoadModule ossl_module directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000311 - OHS must have the SSLCipherSuite directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000312 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the SecureProxy directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000314 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the WebLogicSSLVersion directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SonicWALL - AAA - LDAP server is trusted | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| SonicWALL - AAA - RADIUS server is trusted | TNS SonicWALL v5.9 | SonicWALL | CONFIGURATION MANAGEMENT |
| VCLD-70-000017 - VAMI must protect the keystore from unauthorized access - MIME that invoke OS shell programs disabled. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WA000-WI120 IIS6 - The Content Location header must not contain proprietary IP addresses. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WWA052 A22 - The '-FollowSymLinks' setting must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'Lcc-win32.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'msc.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG080 IIS6 - A compiler must not be installed on a production web server. - 'Python.exe search' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG195 IIS6 - Anonymous access accounts must be restricted. | DISA STIG IIS 6.0 Server v6r16 | Windows | ACCESS CONTROL |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias match | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG520 A22 - Web server and/or operating system information must be protected. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
