| 1.18 WN16-00-000200 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT III | Windows | ACCESS CONTROL |
| 1.18 WN19-00-000180 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | ACCESS CONTROL |
| 1.18 WN19-00-000180 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT III | Windows | ACCESS CONTROL |
| 1.44 WN16-00-000450 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT III | Windows | AUDIT AND ACCOUNTABILITY |
| 1.44 WN16-00-000450 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT III | Windows | AUDIT AND ACCOUNTABILITY |
| 1.46 WN16-00-000470 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.46 WN19-00-000460 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.47 WN16-00-000480 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.47 WN16-00-000480 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.47 WN19-00-000470 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.97 WN16-CC-000040 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.97 WN19-CC-000030 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.97 WN19-CC-000030 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.98 WN16-CC-000050 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.98 WN19-CC-000040 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.98 WN19-CC-000040 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.99 WN16-CC-000060 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.100 WN16-CC-000070 | CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT III | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.100 WN16-CC-000070 | CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT III | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.100 WN19-CC-000060 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.119 WN19-CC-000260 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.125 WN19-CC-000320 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.125 WN19-CC-000320 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.162 WN19-DC-000160 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT III | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.244 WN19-SO-000370 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT III | Windows | CONFIGURATION MANAGEMENT |
| 1.244 WN19-SO-000370 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT III | Windows | CONFIGURATION MANAGEMENT |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account - 'Oracle home directory file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0087-ORACLE11 - Sensitive data should be labeled. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DG0091-ORACLE11 - Custom and GOTS application source code stored in the database should be protected with encryption or encoding. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0104-ORACLE11 - DBMS service identification should be unique and clearly identifies the service - 'All Oracle services use the proper naming' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DO0145-ORACLE11 - OS DBA group membership should be restricted to authorized accounts. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO0145-ORACLE11 - OS DBA group membership should be restricted to authorized accounts. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| DO0157-ORACLE11 - Database application user accounts should be denied storage usage for object creation within the database. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DO0221-ORACLE11 - The Oracle SID should not be the default SID - 'No default instance names exist' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DO6746-ORACLE11 - The Oracle listener.ora file should specify IP addresses rather than host names to identify hosts - '%ORACLE_HOME%\NETWORK\ADMIN\listener.ora HOST does not use hostname' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DO6746-ORACLE11 - The Oracle listener.ora file should specify IP addresses rather than host names to identify hosts - '$ORACLE_HOME/network/admin/listener.ora HOST entroes do not use hostnames' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| WA000-WI120 IIS6 - The Content Location header must not contain proprietary IP addresses. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WWA030 A22 - The httpd.conf MaxSpareServers directive must be set properly. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG130 A22 - All utility programs, not necessary for operations, must be removed or disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG130 IIS6 - Programs and features not necessary for operations must be removed. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG420 IIS6 - Backup interactive scripts must be removed from the web site. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG420 W22 - Backup interactive scripts on the production web server must be prohibited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - cgi-bin | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - html | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - html | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG490 IIS6 - Java software installed on the web server must be limited to class files and the JAVA virtual machine. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG520 A22 - Web server and/or operating system information must be protected. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
