| 1.2 UBTU-24-100010 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT III | Unix | CONFIGURATION MANAGEMENT |
| 1.21 UBTU-24-100700 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT III | Unix | CONFIGURATION MANAGEMENT |
| 1.82 UBTU-22-412020 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT III | Unix | ACCESS CONTROL |
| 1.173 UBTU-24-900920 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT III | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2.3 Ensure all groups in /etc/passwd exist in /etc/group | CIS Amazon Linux 2 STIG v2.0.0 L1 Workstation | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIOS-01-080004 - Apple iOS must enforce a minimum password length of six characters. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | IDENTIFICATION AND AUTHENTICATION |
| APPL-12-000006 - The macOS system must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL |
| EDGE-00-000042 - Extensions that are approved for use must be allowlisted if used. | DISA Microsoft Edge STIG v2r5 | Windows | CONFIGURATION MANAGEMENT |
| F5BI-AP-300151 - When the Access Profile Type is LTM+APM and it is not using any connectivity resources (such as Network Access, Portal Access, etc.) in the VPE, the F5 BIG-IP appliance must be configured to enable the HTTP Only flag. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN000380 - All Group Identifiers (GIDs) referenced in the /etc/passwd file must be defined in the /etc/group file. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN000452 - The system must display the date and time of the last successful account login upon login. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000510 - The system must display a publicly-viewable pattern during a graphical desktop environment session lock. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN000510 - The system must display a publicly-viewable pattern during a graphical desktop environment session lock. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/man/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN001375 - For systems using DNS resolution, at least two name servers must be configured | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN001375 - For systems using DNS resolution, at least two name servers must be configured - first name server | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN001375 - For systems using DNS resolution, at least two name servers must be configured - second name server | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN001460 - All interactive user home directories defined in the /etc/passwd file must exist. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN001540 - All files and directories contained in interactive user home directories must be owned by the home directory's owner. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN001780 - Global initialization files must contain the 'mesg -n' or 'mesg n' commands - '/etc/ksh.kshrc' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the 'mesg -n' or 'mesg n' commands - '/etc/profile' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002715 - System audit tool executables must be owned by root - '/sbin/aureport' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditpr' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditmerge' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/audit' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditmerge' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditstream' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditconv' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditselect' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003520 - The kernel core dump data directory must be owned by root. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003521 - The kernel core dump data directory must be group-owned by bin, sys, or system. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003602 - The system must not process ICMP timestamp requests. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004560 - The SMTP service's SMTP greeting must not provide version information. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN004660 - The SMTP service must not have the EXPN feature active. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN004680 - The SMTP service must not have the VRFY feature active. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN004700 - The Sendmail service must not have the wizard backdoor active. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN004980 - The FTP daemon must be configured for logging or verbose mode - '/etc/inetd.conf contains ftpd -l' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN004980 - The FTP daemon must be configured for logging or verbose mode - '/etc/syslog.conf contains daemon.info or *.info' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006571 - The file integrity tool must be configured to verify extended attributes. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL08-00-010440 - YUM must remove all software components after updated versions have been installed on OL 8. | DISA Oracle Linux 8 STIG v2r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-000495 - OL 9 must remove all software components after updated versions have been installed. | DISA Oracle Linux 9 STIG v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OS10-RTR-000800 - The Dell OS10 multicast Designated Router (DR) must be configured to filter the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Report messages to allow hosts to join only multicast groups that have been approved by the organization. | DISA Dell OS10 Switch Router STIG v1r1 | Dell_OS10 | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-40-000112 - The Photon operating system must immediately notify the SA and ISSO when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SHPT-00-000405 - To support audit review, analysis, and reporting, SharePoint must integrate audit review, analysis, and reporting processes to support organizational processes for investigation and response to suspicious activities. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000250 - Splunk Enterprise must be configured to back up the log records repository at least every seven days onto a different system or system component other than the system or component being audited. | DISA STIG Splunk Enterprise 8.x for Linux v2r3 STIG REST API | Splunk | AUDIT AND ACCOUNTABILITY |
| SQL2-00-015500 - Database software directories, including SQL Server configuration files, must be stored in dedicated directories, separate from the host OS and other applications. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SQL2-00-017510 - Appropriate staff must be alerted when the amount of storage space used by the SQL Server transaction log file(s) exceeds an organization-defined value - s exceeds an organization-defined value. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | CONTINGENCY PLANNING |
| SYMP-NM-000090 - Symantec ProxySG must generate an alert to the console when a log processing failure is detected such as loss of communications with the Central Log Server or log records are no longer being sent. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010441 - The Ubuntu operating system must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
