Item Search

NameAudit NamePluginCategory
AMLS-NM-000100 - The Arista Multilayer Switch must have a local infrequently used account to be used as an account of last resort with full access to the network device.DISA STIG Arista MLS DCS-7000 Series NDM v1r4Arista

CONFIGURATION MANAGEMENT

AS24-U1-000960 - The Apache web server software must be a vendor-supported version.DISA STIG Apache Server 2.4 Unix Server v3r2 MiddlewareUnix

CONFIGURATION MANAGEMENT

BIND-9X-001000 - A BIND 9.x server implementation must be operating on a Current-Stable version as defined by ISC.DISA BIND 9.x STIG v2r3Unix

CONFIGURATION MANAGEMENT

CISC-RT-000680 - The Cisco PE switch providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN.DISA Cisco NX OS Switch RTR STIG v3r3Cisco

CONTINGENCY PLANNING

DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operationsDISA STIG IBM DB2 v10.5 LUW v2r1 OS LinuxUnix

IDENTIFICATION AND AUTHENTICATION

DB2X-00-004600 - DB2 must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operationsDISA STIG IBM DB2 v10.5 LUW v2r1 OS WindowsWindows

IDENTIFICATION AND AUTHENTICATION

DB2X-00-008600 - DB2 must use NSA-approved cryptography to protect classified information in accordance with the data owners requirementsDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

SYSTEM AND COMMUNICATIONS PROTECTION

DKER-EE-005190 - Docker Enterprise docker.socket file ownership must be set to root:root.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-005210 - Docker Enterprise /etc/docker directory ownership must be set to root:root - UbuntuDISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-005270 - Docker Enterprise server certificate file ownership must be set to root:root.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

DKER-EE-005310 - Docker Enterprise socket file ownership must be set to root:docker.DISA STIG Docker Enterprise 2.x Linux/Unix v2r2Unix

CONFIGURATION MANAGEMENT

EP11-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.EDB PostgreSQL Advanced Server v11 DB Audit v2r4PostgreSQLDB

IDENTIFICATION AND AUTHENTICATION

EX13-EG-000330 - Exchange must provide redundancy.DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

GEN005100 - The TFTP daemon must have mode 0755 or less permissive.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GOOG-09-010900 - Google Android Pie devices must have a NIAP validated Google Android Pie operating system installed.MobileIron - DISA Google Android 9.x v2r1MDM

CONFIGURATION MANAGEMENT

GOOG-10-010800 - Google Android 10 devices must have the latest available Google Android 10 operating system installed.AirWatch - DISA Google Android 10.x v2r1MDM

CONFIGURATION MANAGEMENT

IIST-SI-000221 - Anonymous IIS 10.0 website access accounts must be restricted.DISA IIS 10.0 Site v2r11Windows

SYSTEM AND COMMUNICATIONS PROTECTION

JBOS-AS-000075 - JBoss management interfaces must be secured.DISA JBoss EAP 6.3 STIG v2r6Unix

ACCESS CONTROL

MD3X-00-000020 - MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DBMongoDB

ACCESS CONTROL

MD3X-00-000440 - MongoDB must protect the confidentiality and integrity of all information at rest.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

SYSTEM AND COMMUNICATIONS PROTECTION

MD3X-00-000800 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

IDENTIFICATION AND AUTHENTICATION

MD4X-00-001300 - MongoDB must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations.DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OSUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

MSFT-11-002000 - Microsoft Android 11 must be configured to enable encryption for data at rest on removable storage media or alternately, the use of removable storage media must be disabled.MobileIron - DISA Microsoft Android 11 COBO v1r2MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

O19C-00-001000 - Oracle Database must enforce approved authorizations for logical access to the system in accordance with applicable policy.DISA Oracle Database 19c STIG v1r1 DatabaseOracleDB

ACCESS CONTROL

O112-BP-022000 - The Oracle REMOTE_OS_ROLES parameter must be set to FALSE.DISA STIG Oracle 11.2g v2r5 DatabaseOracleDB

CONFIGURATION MANAGEMENT

O112-BP-022700 - The Oracle Listener must be configured to require administration authentication.DISA STIG Oracle 11.2g v2r5 LinuxUnix

CONFIGURATION MANAGEMENT

O112-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password.DISA STIG Oracle 11.2g v2r5 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

OH12-1X-000310 - OHS must have the SSLEngine, SSLProtocol, SSLWallet directives enabled and configured to prevent unauthorized disclosure of information during transmission - SSLWalletDISA STIG Oracle HTTP Server 12.1.3 v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

OL6-00-000206 - The telnet-server package must not be installed.DISA STIG Oracle Linux 6 v2r7Unix

CONFIGURATION MANAGEMENT

OL6-00-000286 - The x86 Ctrl-Alt-Delete key sequence must be disabled - /sbin/shutdownDISA STIG Oracle Linux 6 v2r7Unix

CONFIGURATION MANAGEMENT

OL6-00-000309 - The NFS server must not have the insecure file locking option enabled.DISA STIG Oracle Linux 6 v2r7Unix

IDENTIFICATION AND AUTHENTICATION

PPS9-00-002400 - The EDB Postgres Advanced Server must be configurable to overwrite audit log records, oldest first (First-In-First-Out - FIFO), in the event of unavailability of space for more audit log records.EDB PostgreSQL Advanced Server OS Linux Audit v2r3Unix

AUDIT AND ACCOUNTABILITY

PPS9-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password.EDB PostgreSQL Advanced Server DB Audit v2r3PostgreSQLDB

IDENTIFICATION AND AUTHENTICATION

SOL-11.1-010410 - The operating system must configure auditing to reduce the likelihood of storage capacity being exceeded.DISA STIG Solaris 11 X86 v3r1Unix

AUDIT AND ACCOUNTABILITY

SOL-11.1-020140 - The TFTP service daemon must not be installed unless required.DISA STIG Solaris 11 SPARC v3r1Unix

CONFIGURATION MANAGEMENT

SOL-11.1-020140 - The TFTP service daemon must not be installed unless required.DISA STIG Solaris 11 X86 v3r1Unix

CONFIGURATION MANAGEMENT

SOL-11.1-040370 - Login must not be permitted with empty/null passwords for SSH.DISA STIG Solaris 11 SPARC v3r1Unix

CONFIGURATION MANAGEMENT

SOL-11.1-070050 - There must be no user .rhosts files.DISA STIG Solaris 11 SPARC v3r1Unix

CONFIGURATION MANAGEMENT

SPLK-CL-000010 - Splunk Enterprise must be installed with FIPS mode enabled, to implement NIST FIPS 140-2 approved ciphers for all cryptographic functions.DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST APISplunk

SYSTEM AND COMMUNICATIONS PROTECTION

UBTU-16-010630 - The x86 Ctrl-Alt-Delete key sequence must be disabled.DISA STIG Ubuntu 16.04 LTS v2r3Unix

CONFIGURATION MANAGEMENT

UBTU-16-010631 - The x86 Ctrl-Alt-Delete key sequence in the Ubuntu operating system must be disabled if a Graphical User Interface is installed.DISA STIG Ubuntu 16.04 LTS v2r3Unix

CONFIGURATION MANAGEMENT

UBTU-18-010019 - The Ubuntu operating system must not have the rsh-server package installed.DISA STIG Ubuntu 18.04 LTS v2r15Unix

CONFIGURATION MANAGEMENT

WBLC-05-000150 - Oracle WebLogic must uniquely identify and authenticate users (or processes acting on behalf of users).Oracle WebLogic Server 12c Linux v2r2 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

WDNS-CM-000014 - The Windows 2012 DNS Server must be configured to enable DNSSEC Resource Records.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

CONFIGURATION MANAGEMENT

WN16-00-000010 - Users with Administrative privileges must have separate accounts for administrative duties and normal operational tasks.DISA Microsoft Windows Server 2016 STIG v2r10Windows

CONFIGURATION MANAGEMENT

WN16-00-000120 - The Windows Server 2016 system must use an anti-virus program.DISA Microsoft Windows Server 2016 STIG v2r10Windows

CONFIGURATION MANAGEMENT

WN16-SO-000250 - Anonymous SID/Name translation must not be allowed.DISA Microsoft Windows Server 2016 STIG v2r10Windows

CONFIGURATION MANAGEMENT

WN16-SO-000260 - Anonymous enumeration of Security Account Manager (SAM) accounts must not be allowed.DISA Microsoft Windows Server 2016 STIG v2r10Windows

CONFIGURATION MANAGEMENT

WN16-SO-000300 - Anonymous access to Named Pipes and Shares must be restricted.DISA Microsoft Windows Server 2016 STIG v2r10Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-00-000030 - Windows Server 2022 administrative accounts must not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email.DISA Microsoft Windows Server 2022 STIG v2r4Windows

CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY