| EDGE-00-000039 - URLs must be allowlisted for plugin use if used. | DISA STIG Edge v2r2 | Windows | CONFIGURATION MANAGEMENT |
| ESXI-06-000003 - The system must verify the exception users list for lockdown mode. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-000018 - The SSH daemon must not permit GSSAPI authentication. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000019 - The SSH daemon must not permit Kerberos authentication. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000022 - The SSH daemon must be configured to not allow gateway ports. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000030 - The system must produce audit records containing information to establish what type of events occurred. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-06-000040 - The system must use multifactor authentication for local access to privileged accounts. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-000044 - The system must enable kernel core dumps. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000051 - The system must protect the confidentiality and integrity of transmitted information. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000052 - The system must protect the confidentiality and integrity of transmitted information by utilizing different TCP/IP stacks where possible. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000054 - The system must enable bidirectional CHAP authentication for iSCSI traffic. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-000055 - The system must disable Inter-VM transparent page sharing. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-000058 - The system must enable BPDU filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-000067 - All physical switch ports must be configured with spanning tree disabled. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-000076 - The system must configure the VSAN Datastore name to a unique name. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-100030 - The VMM must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-06-100037 - The VMM must require individuals to be authenticated with an individual authenticator prior to using a group authenticator by using Active Directory for local user authentication. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-200037 - The VMM must implement replay-resistant authentication mechanisms for network access to privileged accounts by using Active Directory for local user authentication. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-200039 - The VMM must implement replay-resistant authentication mechanisms for network access to privileged accounts by restricting use of Active Directory ESX Admin group membership. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-300037 - The VMM must implement replay-resistant authentication mechanisms for network access to non-privileged accounts by using Active Directory for local user authentication. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | IDENTIFICATION AND AUTHENTICATION |
| JUEX-RT-000360 - The Juniper PE router must be configured to enforce a Quality-of-Service (QoS) policy in accordance with the QoS GIG Technical Profile. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-020130 - OL 8 must enforce password complexity by requiring that at least one numeric character be used. | DISA Oracle Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-020170 - OL 8 must require the change of at least eight characters when passwords are changed. | DISA Oracle Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010050 - The Ubuntu operating system must enforce password complexity by requiring that at least one upper-case character be used. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010070 - The Ubuntu operating system must prohibit password reuse for a minimum of five generations. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010436 - The Ubuntu operating system must synchronize internal information system clocks to the authoritative time source when the time difference is greater than one second. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-214010 - Ubuntu 22.04 LTS must be configured so that the Advance Package Tool (APT) prevents the installation of patches, service packs, device drivers, or operating system components without verification they have been digitally signed using a certificate that is recognized and approved by the organization. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-600160 - Ubuntu 24.04 LTS must compare internal information system clocks at least every 24 hours with an authoritative time server. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCWN-06-000052 - The system must enable the VSAN Health Check. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000054 - The system must configure the VSAN Datastore name to a unique name. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000001 - The system must explicitly disable copy operations. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000004 - The system must explicitly disable paste operations. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000010 - The unexposed feature keyword isolation.bios.bbs.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000011 - The unexposed feature keyword isolation.tools.getCreds.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000012 - The unexposed feature keyword isolation.tools.ghi.launchmenu.change must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000015 - The unexposed feature keyword isolation.ghi.host.shellAction.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000017 - The unexposed feature keyword isolation.tools.trashFolderState.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000018 - The unexposed feature keyword isolation.tools.ghi.trayicon.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000019 - The unexposed feature keyword isolation.tools.unity.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000022 - The unexposed feature keyword isolation.tools.unity.taskbar.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000023 - The unexposed feature keyword isolation.tools.unityActive.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000025 - The unexposed feature keyword isolation.tools.vmxDnDVersionGet.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000026 - The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000027 - The system must disable VIX messages from the VM. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000035 - The system must disable tools auto install. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000036 - The system must limit informational messages from the VM to the VMX file. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000040 - The system must disable shared salt values. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000041 - The system must control access to VMs through the dvfilter network APIs. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| WN11-00-000260 - The Windows 11 time service must synchronize with an appropriate DOD time source. | DISA Microsoft Windows 11 STIG v2r3 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-00-000440 - The Windows Server 2022 time service must synchronize with an appropriate DOD time source. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
