| AIOS-18-007000 - Apple iOS/iPadOS 18 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-012200 - Apple iOS/iPadOS 18 must implement the management setting: enable USB Restricted Mode. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-012300 - Apple iOS/iPadOS 18 must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-012300 - Apple iOS/iPadOS 18 must not allow managed apps to write contacts to unmanaged contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-012600 - Apple iOS/iPadOS 18 must implement the management setting: disable paired Apple Watch. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-012800 - Apple iOS/iPadOS 18 must disable 'Allow setting up new nearby devices' - Allow setting up new nearby devices. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-012900 - Apple iOS/iPadOS 18 must disable password proximity requests. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-013100 - Apple iOS/iPadOS 18 must disable 'Find My Friends' in the 'Find My' app - Find My app. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-014300 - Apple iOS/iPadOS 18 must disable 'Allow network drive access in Files access' - Allow network drive access in Files access. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-014900 - Apple iOS/iPadOS 18 must disable the installation of alternative marketplace apps. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015000 - Apple iOS/iPadOS 18 must disable app installation from a website. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015600 - Apple iOS/iPadOS 18 must disable the ability to hide apps. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015700 - Apple iOS/iPadOS 18 must disable recording cell phone calls on the iPhone. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016000 - Apple iOS/iPadOS 18 must disable the ability of the user to wipe the device. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016200 - Apple iOS/iPadOS 18 must disable the use of voice assistant (Show user-generated content in Siri) unless required to meet Section 508 compliance requirements. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016400 - Apple iOS/iPadOS 18 must disable automatic downloads of apps purchased on other Apple devices. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017000 - Apple iOS/iPadOS 18 must disable Allowed Content Ratings (Movies). | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| CISC-RT-000235 - The Cisco router must be configured to have Cisco Express Forwarding enabled. | DISA Cisco IOS XE Router RTR STIG v3r3 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000236 - The Cisco switch must be configured to advertise a hop limit of at least 32 in Switch Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000391 - The Cisco perimeter router must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces. | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | CONFIGURATION MANAGEMENT |
| CNTR-K8-003280 - Kubernetes API Server audit logs must be enabled. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010790 - All RHEL 8 local files and directories must have a valid group owner. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010800 - A separate RHEL 8 filesystem must be used for user home directories (such as /home or an equivalent). | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-020310 - RHEL 8 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-020351 - RHEL 8 must define default permissions for all authenticated users in such a way that the user can only read and modify their own files. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-020352 - RHEL 8 must set the umask value to 077 for all local interactive user accounts. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040172 - The systemd Ctrl-Alt-Delete burst key sequence in RHEL 8 must be disabled. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040200 - The root account must be the only account having unrestricted access to the RHEL 8 system. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040209 - RHEL 8 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040280 - RHEL 8 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040281 - RHEL 8 must disable access to network bpf syscall from unprivileged processes. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040285 - RHEL 8 must use reverse path filtering on all IPv4 interfaces. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040340 - RHEL 8 remote X connections for interactive users must be disabled unless to fulfill documented and validated mission requirements. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040350 - If the Trivial File Transfer Protocol (TFTP) server is required, the RHEL 8 TFTP daemon must be configured to operate in secure mode. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040390 - The tuned package must not be installed unless mission essential on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-020099 - The SUSE operating system must specify the default "include" directory for the /etc/sudoers file. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-020290 - The SUSE operating system must prevent the use of dictionary words for passwords. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-030810 - The SUSE operating system must use a separate file system for the system audit data path. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040030 - There must be no shosts.equiv files on the SUSE operating system. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040060 - The SUSE operating system must disable the x86 Ctrl-Alt-Delete key sequence. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040090 - All SUSE operating system local interactive user home directories must have mode 0750 or less permissive. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040100 - All SUSE operating system local interactive user home directories must be group-owned by the home directory owner's primary group. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040120 - All SUSE operating system local interactive user initialization files executable search paths must contain only paths that resolve to the users home directory. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040140 - SUSE operating system file systems that contain user home directories must be mounted to prevent files with the setuid and setgid bit set from being executed. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040170 - SUSE operating system file systems that are being imported via Network File System (NFS) must be mounted to prevent binary files from being executed. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040220 - The SUSE operating system must be configured to not overwrite Pluggable Authentication Modules (PAM) configuration on package changes. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040250 - The SUSE operating system SSH daemon private host key files must have mode 0640 or less permissive. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040260 - The SUSE operating system SSH daemon must perform strict mode checking of home directory configuration files. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040290 - The SUSE operating system SSH daemon must disable forwarded remote X connections for interactive users, unless to fulfill documented and validated mission requirements. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-040341 - The SUSE operating system must prevent Internet Protocol version 6 (IPv6) Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA SUSE Linux Enterprise Server 15 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
