| ARST-L2-000130 - The Arista MLS layer 2 switch must have IGMP or MLD Snooping configured on all VLANs. | DISA STIG Arista MLS EOS 4.x L2S v2r2 | Arista | CONFIGURATION MANAGEMENT |
| ARST-L2-000140 - The Arista MLS layer 2 Arista MLS switch must implement Rapid STP where VLANs span multiple switches with redundant links. | DISA STIG Arista MLS EOS 4.x L2S v2r2 | Arista | CONFIGURATION MANAGEMENT |
| ARST-ND-000860 - The Arista network device must be running an operating system release that is currently supported by the vendor. | DISA STIG Arista MLS EOS 4.x NDM v2r2 | Arista | CONFIGURATION MANAGEMENT |
| ARST-RT-000710 - The MPLS router must be configured to synchronize IGP and LDP to minimize packet loss when an IGP adjacency is established prior to LDP peers completing label exchange. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | CONFIGURATION MANAGEMENT |
| CISC-RT-000235 - The Cisco switch must be configured to have Cisco Express Forwarding enabled. | DISA Cisco IOS XE Switch RTR STIG v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000391 - The Cisco perimeter switch must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces. | DISA Cisco IOS XE Switch RTR STIG v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| HONW-09-000200 - The Honeywell Mobility Edge Android Pie device must be configured to not allow passwords that include more than two repeating or sequential characters - Minimum complex characters | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-000200 - The Honeywell Mobility Edge Android Pie device must be configured to not allow passwords that include more than two repeating or sequential characters - Numbers | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-000200 - The Honeywell Mobility Edge Android Pie device must be configured to not allow passwords that include more than two repeating or sequential characters - Type | MobileIron - DISA Honeywell Android 9.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-000200 - The Honeywell Mobility Edge Android Pie device must be configured to not allow passwords that include more than two repeating or sequential characters - Type | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-001600 - The Honeywell Mobility Edge Android Pie device must be configured to not display the following (work profile) notifications when the device is locked: | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-009800 - Honeywell Mobility Edge Android Pie devices work profile must be configured to disable automatic completion of workspace internet browser text input. | MobileIron - DISA Honeywell Android 9.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-010000 - Honeywell Mobility Edge Android Pie devices Work Profile must be configured to disable the autofill services. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-006500 - Honeywell Android 13 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | AirWatch - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-006500 - Honeywell Android 13 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-009800 - Honeywell Android 13 users must complete required training. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-009800 - Honeywell Android 13 users must complete required training. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-009900 - Honeywell Android 13 must be configured to enforce that Wi-Fi Sharing is disabled. | AirWatch - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010000 - Honeywell Android 13 must have the DOD root and intermediate PKI certificates installed. | MobileIron - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010000 - Honeywell Android 13 must have the DOD root and intermediate PKI certificates installed. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010000 - Honeywell Android 13 must have the DOD root and intermediate PKI certificates installed. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010300 - Honeywell Android 13 must be provisioned as a fully managed device and configured to create a work profile. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010500 - The Honeywell Android 13 work profile must be configured to disable the autofill services. | MobileIron - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010800 - Android 13 devices must have the latest available Honeywell Android 13 operating system installed. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-011000 - Android 13 devices must be configured to enable Common Criteria (CC) mode. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| JRE8-UX-000020 - Oracle JRE 8 deployment.config file must contain proper keys and values - deployment.system.config.mandatory | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-021031 - The Oracle Linux operating system must be configured so that all world-writable directories are owned by root, sys, bin, or an application user. | DISA Oracle Linux 7 STIG v3r3 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010109 - The SUSE operating system must specify the default 'include' directory for the /etc/sudoers file - include directory for the /etc/sudoers file. | DISA SLES 12 STIG v3r3 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010111 - The SUSE operating system must restrict privilege elevation to authorized personnel. | DISA SLES 12 STIG v3r3 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-010631 - The SUSE operating system must not have unnecessary account capabilities. | DISA SLES 12 STIG v3r3 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-030364 - The SUSE operating system must not be performing Internet Protocol version 6 (IPv6) packet forwarding unless the system is a router. | DISA SLES 12 STIG v3r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010075 - The Ubuntu operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300017 - Ubuntu 24.04 LTS must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300025 - Ubuntu 24.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence if a graphical user interface is installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300029 - Ubuntu 24.04 LTS must generate audit records for all events that affect the systemd journal files. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| WN11-00-000025 - Windows 11 must employ automated mechanisms to determine the state of system components with regard to flaw remediation using the following frequency: Continuously, where ESS is used; 30 days, for any additional internal network scans not covered by ESS; and annually, for external scans by Computer Network Defense Service Provider (CNDSP). | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000140 - Inbound exceptions to the firewall on Windows 11 domain workstations must only allow authorized remote management hosts. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000240 - Administrative accounts must not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000020 - IPv6 source routing must be configured to highest protection. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000050 - Hardened UNC Paths must be defined to require mutual authentication and integrity for at least the \\*\SYSVOL and \\*\NETLOGON shares. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000080 - Virtualization-based protection of code integrity must be enabled. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000090 - Group Policy objects must be reprocessed even if they have not changed. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000260 - Windows 11 must be configured to require a minimum pin length of six characters or greater. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000025 - The built-in guest account must be renamed. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000055 - The maximum age for machine account passwords must be configured to 30 days or less. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000140 - Anonymous SID/Name translation must not be allowed. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000205 - The LanMan authentication level must be set to send NTLMv2 response only, and to refuse LM and NTLM. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000210 - The system must be configured to the required LDAP client signing level. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000220 - The system must be configured to meet the minimum session security requirement for NTLM SSP based servers. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000240 - The default permissions of global system objects must be increased. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
