| 1.8.4 Ensure the graphical user Ctrl-Alt-Delete key sequence is disabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.8.14 Ensure unrestricted logon is not allowed | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.32 UBTU-24-102000 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I | Unix | ACCESS CONTROL |
| 1.58 UBTU-22-255025 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.70 UBTU-24-300027 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.71 UBTU-24-300028 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.74 UBTU-24-300031 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.101 UBTU-24-600030 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.8 Ensure FTP Server is not installed | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-037310 - AlmaLinux OS 9 must be configured so that libuser is configured to store only encrypted representations of passwords. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037420 - AlmaLinux OS 9 must be configured so that the system's shadow file is configured to store only encrypted representations of passwords. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-12-002031 - The macOS system must be configured to disable the system preference pane for Apple ID. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| CD12-00-000800 - If passwords are used for authentication, PostgreSQL must transmit only encrypted representations of passwords. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004250 - If DBMS authentication, using passwords, is employed, EDB Postgres Advanced Server must enforce the DOD standards for password complexity and lifetime. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000245 - The FortiGate device must use LDAPS for the LDAP connection. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| GEN000100 - The operating system must be a supported release. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN000100 - The operating system must be a supported release. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN001640 - Run control scripts must not execute world-writable programs or scripts. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.shosts' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'shosts.equiv' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004220 - Administrative accounts must not run a web browser, except as needed for local service administration. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004600 - The SMTP service must be an up-to-date version - 'sendmail' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/usr/lib/aliases uudecode alias does not exist' | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/usr/lib/aliases' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005200 - X displays must not be exported to the world. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN008600 - The system must be configured to only boot from the system boot device. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN008640 - The system must not use removable media as the boot loader - 'normal' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN008640 - The system must not use removable media as the boot loader. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN008680 - If the system boots from removable media, it must be stored in a safe or similarly secured container. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-003900 - If passwords are used for authentication, MariaDB must transmit only encrypted representations of passwords. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-002950 - If passwords are used for authentication, MongoDB must implement LDAP or Kerberos for authentication to enforce the DoD standards for password complexity and lifetime. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-003000 - If passwords are used for authentication, MongoDB must store only hashed, salted representations of passwords. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD8X-00-003600 - MongoDB must, for password-based authentication, store passwords using an approved salted key derivation function, preferably using a keyed hash. | DISA MongoDB Enterprise Advanced 8.x STIG v1r1 MongoDB | MongoDB | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-005200 - If passwords are used for authentication, the MySQL Database Server 8.0 must transmit only encrypted representations of passwords. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-014800 - Oracle Database must, for password-based authentication, store passwords using an approved salted key derivation function, preferably using a keyed hash. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-014800 - Oracle Database must, for password-based authentication, store passwords using an approved salted key derivation function, preferably using a keyed hash. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 19c STIG v1r3 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 19c STIG v1r5 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 19c STIG v1r3 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010006 - The Ubuntu operating system must map the authenticated identity to the user or group account for PKI-based authentication. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001180 - WebSphere Application Server application security must be enabled for each security domain except for publicly available | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN22-DC-000290 - Windows Server 2022 domain controller PKI certificates must be issued by the DOD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN25-AC-000090 - Windows Server 2025 reversible password encryption must be disabled. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
