| AIOS-12-010500 - Apple iOS must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-13-010500 - Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIX7-00-001038 - AIX must not have accounts configured with blank or null passwords. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-001102 - AIX must employ strong authenticators in the establishment of nonlocal maintenance and diagnostic sessions. | DISA STIG AIX 7.x v3r1 | Unix | MAINTENANCE |
| AIX7-00-003070 - The ntalk daemon must be disabled on AIX. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| BIND-9X-001405 - A BIND 9.x implementation operating in a split DNS configuration must be approved by the organizations Authorizing Official. | DISA BIND 9.x STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| CISC-ND-000470 - The Cisco router must be configured to prohibit the use of all unnecessary and nonsecure functions and services. | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-ND-000470 - The Cisco switch must be configured to prohibit the use of all unnecessary and non-secure functions and services. | DISA STIG Cisco IOS Switch NDM v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-ND-000470 - The Cisco switch must be configured to prohibit the use of all unnecessary and nonsecure functions and services. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-ND-000720 - The Cisco router must be configured to terminate all network connections associated with device management after five minutes of inactivity. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000280 - The Cisco perimeter router must be configured to protect an enclave connected to an alternate gateway by using an inbound filter that only permits packets with destination addresses within the sites address space. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | ACCESS CONTROL |
| CISC-RT-000640 - The Cisco PE router must be configured to have each Virtual Routing and Forwarding (VRF) instance with the appropriate Route Target (RT). | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | CONTINGENCY PLANNING |
| CISC-RT-000680 - The Cisco PE router providing Virtual Private LAN Services (VPLS) must be configured to have all attachment circuits defined to the virtual forwarding instance (VFI) with the globally unique VPN ID assigned for each customer VLAN - VFI with the globally unique VPN ID assigned for each customer VLAN | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000730 - The Cisco PE router must be configured to block any traffic that is destined to IP core infrastructure. | DISA STIG Cisco IOS-XR Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000730 - The Cisco PE switch must be configured to block any traffic that is destined to the IP core infrastructure. | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-65-000060 - The virtual switch MAC Address Change policy must be set to reject on the ESXi host. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | CONFIGURATION MANAGEMENT |
| GEN001100 - Root passwords must never be passed over a network in clear text form. | DISA STIG Solaris 10 SPARC v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-008000 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008200 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-012300 - PostgreSQL must use NIST FIPS 140-2 or 140-3 validated cryptographic modules for cryptographic operations. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000010 - The Red Hat Enterprise Linux operating system must be a vendor-supported release. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000030 - The system must not have accounts configured with blank or null passwords - system-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000211 - The telnet daemon must not be running. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000309 - The NFS server must not have the insecure file locking option enabled. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-010491 - Red Hat Enterprise Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| RHEL-07-020010 - The Red Hat Enterprise Linux operating system must not have the ypserv package installed. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-020250 - The Red Hat Enterprise Linux operating system must be a vendor supported release. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-040550 - The Red Hat Enterprise Linux operating system must not contain shosts.equiv files. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020130 - The FTP daemon must not be installed unless required. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020150 - The telnet service daemon must not be installed unless required. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-080010 - The operating system must be a supported release. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-080160 - SNMP communities, users, and passphrases must be changed from the default. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000030 - Splunk Enterprise must have all local user accounts removed after implementing organizational level user management system, except for one emergency account of last resort. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-010250 - The Ubuntu operating system must not be configured to allow blank or null passwords. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-16-010350 - There must be no .shosts files on the Ubuntu operating system. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-16-010360 - There must be no shosts.equiv files on the Ubuntu operating system. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-16-010380 - Ubuntu operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | ACCESS CONTROL |
| UBTU-16-010670 - The root account must be the only account having unrestricted access to the system. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-16-030020 - The rsh-server package must not be installed. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-16-030250 - The Ubuntu operating system must be configured so that the SSH daemon does not allow authentication using an empty password - PermitEmptyPasswords | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-16-030400 - The Ubuntu operating system must be configured so that remote X connections are disabled unless to fulfill documented and validated mission requirements. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-16-030710 - A File Transfer Protocol (FTP) server package must not be installed unless needed. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| WN10-00-000050 - Local volumes must be formatted using NTFS. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL |
| WN10-CC-000075 - Credential Guard must be running on Windows 10 domain-joined systems. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN10-CC-000330 - The Windows Remote Management (WinRM) client must not use Basic authentication. | DISA Microsoft Windows 10 STIG v3r4 | Windows | MAINTENANCE |
| WN10-SO-000145 - Anonymous enumeration of SAM accounts must not be allowed. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000110 - Windows Server 2019 must use an anti-virus program. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-SO-000020 - Windows Server 2019 must prevent local accounts with blank passwords from being used from the network. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-SO-000220 - Windows Server 2019 must not allow anonymous enumeration of Security Account Manager (SAM) accounts. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-SO-000250 - Windows Server 2019 must restrict anonymous access to Named Pipes and Shares. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
