| 1.6.1.10 Ensure system device files are labeled - device_t | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.6.1.10 Ensure system device files are labeled - unlabeled_t | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.21 Ensure the TFTP server has not been installed - TFTP server package installed if not required for operational support. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.3.30 Ensure SSH does not permit GSSAPI - GSSAPI authentication unless needed. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.3.31 Ensure SSH does not permit Kerberos authentication | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.5.9 Ensure local interactive user accounts umask is 077 | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| AADC-CL-000840 - Adobe Acrobat Pro DC Classic privileged file and folder locations must be disabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| AADC-CL-001325 - Adobe Acrobat Pro DC Classic privileged host locations must be disabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| AADC-CN-001325 - Adobe Acrobat Pro DC Continuous privileged host locations must be disabled. | DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| AOSX-13-000554 - The macOS system must not have a guest account - Guest fdesetup | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-15-002063 - The macOS system must enforce access restrictions. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-000100 The macOS system must disable root logon. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| APPL-14-001100 The macOS system must disable root logon for SSH. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| APPL-15-000100 - The macOS system must disable root login. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| ARDC-CN-000315 - Adobe Reader DC must disable the ability to add Trusted Files and Folders. | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| ARDC-CN-000320 - Adobe Reader DC must disable the ability to elevate IE Trusts to Privileged Locations. | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| ARST-ND-000550 - If the Arista network device uses role-based access control, the network device must enforce organization-defined role-based access control policies over defined subjects and objects. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AS24-U1-000440 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U2-000780 - The Apache web server application, libraries, and configuration files must only be accessible to privileged users. | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | CONFIGURATION MANAGEMENT |
| AS24-U2-000780 - The Apache web server application, libraries, and configuration files must only be accessible to privileged users. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | CONFIGURATION MANAGEMENT |
| AS24-W2-000440 - Anonymous user access to the Apache web server application directories must be prohibited. | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-008100 - DB2 and the operating system must enforce access restrictions associated with changes to the configuration of DB2 or database(s) | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| EX13-CA-000120 - Exchange software baseline copy must exist. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EX16-ED-000590 - The Exchange software baseline copy must exist. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | CONFIGURATION MANAGEMENT |
| EX16-MB-000580 - An Exchange software baseline copy must exist. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | CONFIGURATION MANAGEMENT |
| F5BI-DM-000213 - The BIG-IP appliance must be configured to enforce access restrictions associated with changes to device configuration. | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | CONFIGURATION MANAGEMENT |
| IIST-SV-000147 - Access to web administration tools must be restricted to the web manager and the web managers designees. | DISA IIS 10.0 Server v3r3 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000147 - Access to web administration tools must be restricted to the web manager and the web managers designees. | DISA IIS 8.5 Server v2r7 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000670 - MongoDB must enforce access restrictions associated with changes to the configuration of MongoDB or database(s). | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | CONFIGURATION MANAGEMENT |
| O112-C2-010300 - The DBMS must support enforcement of logical access restrictions associated with changes to the DBMS configuration and to the database itself. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | CONFIGURATION MANAGEMENT |
| O121-C2-010300 - The DBMS must support enforcement of logical access restrictions associated with changes to the DBMS configuration and to the database itself. | DISA STIG Oracle 12c v3r2 Database | OracleDB | CONFIGURATION MANAGEMENT |
| OL07-00-021700 - The Oracle Linux operating system must not allow removable media to be used as the boot loader unless approved. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-040430 - The Oracle Linux operating system must be configured so that the SSH daemon does not permit Generic Security Service Application Program Interface (GSSAPI) authentication unless needed - GSSAPI authentication unless needed. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| SQL4-00-033900 - SQL Server and Windows must enforce access restrictions associated with changes to the configuration of the SQL Server instance or database(s) - s. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL6-D0-003100 - SQL Server must enforce access restrictions associated with changes to the configuration of the database(s). | DISA STIG SQL Server 2016 Database Audit v3r2 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL6-D0-011500 - Windows must enforce access restrictions associated with changes to the configuration of the SQL Server instance. | DISA STIG SQL Server 2016 Instance OS Audit v3r4 | Windows | CONFIGURATION MANAGEMENT |
| TCAT-AS-000370 - Files in the $CATALINA_BASE/conf/ folder must have their permissions set to 640. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| TCAT-AS-000371 - $CATALINA_BASE/conf folder permissions must be set to 750. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| TCAT-AS-001200 - $CATALINA_HOME folder must be owned by the root user, group tomcat. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| TCAT-AS-001220 - $CATALINA_BASE/conf/ folder must be owned by root, group tomcat. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| TCAT-AS-001250 - $CATALINA_BASE/logs/ folder must be owned by tomcat user, group tomcat. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| TCAT-AS-001260 - $CATALINA_BASE/temp/ folder must be owned by tomcat user, group tomcat. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| TCAT-AS-001270 - $CATALINA_BASE/temp folder permissions must be set to 750. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| VCLD-70-000009 - VAMI server binaries and libraries must be verified for their integrity. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPG-70-000003 - VMware Postgres configuration files must not be accessible by unauthorized users. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| VCSA-70-000095 - The vCenter Server users must have the correct roles assigned. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000095 - The vCenter Server user roles must be verified. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-000220 - The WebSphere Application Server users in the admin role must be authorized. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WBSP-AS-000220 - The WebSphere Application Server users in the admin role must be authorized. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WBSP-AS-000220 - The WebSphere Application Server users in the admin role must be authorized. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
