| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Groove 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft Groove 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO129 - Links that invoke instances of Internet Explorer from within an Office product must be blocked. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft Groove 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - ActiveX Installs must be configured for proper restriction. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO211 - ActiveX installs must be configured for proper restrictions. | DISA STIG Microsoft Groove 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000005 - The FortiGate device must automatically audit account creation | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000010 - The FortiGate device must automatically audit account modification | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000060 - The FortiGate device must log all user activity. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000080 - The FortiGate device must generate audit records for privileged activities or other system-level access | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000100 - The FortiGate device must generate audit records containing the full-text recording of privileged commands. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000120 - The FortiGate device must synchronize internal information system clocks using redundant authoritative time sources | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| FGFW-ND-000135 - The FortiGate device must protect audit tools from unauthorized access. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000140 - The FortiGate device must protect audit tools from unauthorized modification. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000190 - FortiGate devices performing maintenance functions must restrict use of these functions to authorized personnel only. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT, MAINTENANCE |
| FGFW-ND-000250 - The FortiGate device must not have any default manufacturer passwords when deployed. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000265 - The FortiGate device must implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | MAINTENANCE |
| FGFW-ND-000290 - The FortiGate device must protect against known types of denial-of-service (DoS) attacks by employing organization-defined security safeguards. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000305 - The FortiGate device must only install patches or updates that are validated by the vendor via digital signature or hash. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000311 - The FortiGate device must require that when a password is changed, the characters are changed in at least eight of the positions within the password. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000005 - OL 9 must use a separate file system for /var. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000030 - OL 9 must require authentication to access single-user mode. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-000041 - OL 9 must be configured to disable the Controller Area Network (CAN) kernel module. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000046 - OL 9 Bluetooth must be disabled. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| OL09-00-000060 - OL 9 must use a Linux Security Module configured to enforce limits on system services. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-000090 - OL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a command line user logon. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-000100 - OL 9 must not have the nfs-utils package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000105 - OL 9 must not install packages from the Extra Packages for Enterprise Linux (EPEL) repository. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000150 - OL 9 must not have the sendmail package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000220 - OL 9 must have the firewalld package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| OL09-00-000241 - OL 9 must implement a FIPS 140-3 compliant system-wide cryptographic policy. | DISA Oracle Linux 9 STIG v1r4 | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-002581 - OL 9 cron configuration files directory must be group-owned by root. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002584 - OL 9 must audit any script or executable called by cron as root or by any privileged user. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-003000 - OL 9 must be configured so that the root account is the only account having unrestricted access to the system. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-003005 - OL 9 interactive users must have a primary group that exists. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-003021 - OL 9 must automatically lock the root account until the root account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-003022 - OL 9 must log username information when unsuccessful logon attempts occur. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-003030 - OL 9 must automatically expire temporary accounts within 72 hours. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-003065 - OL 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-003070 - OL 9 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-005020 - OL 9 must encrypt the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-005025 - OL 9 must encrypt via the gtls driver the transfer of audit records offloaded onto a different system or media from the system being audited via rsyslog. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-006003 - OL 9 systems using Domain Name Servers (DNS) resolution must have at least two name servers configured. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006025 - OL 9 must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006032 - OL 9 must not send Internet Control Message Protocol (ICMP) redirects. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006033 - OL 9 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006046 - OL 9 must not forward IPv6 source-routed packets by default. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006050 - OL 9 must be configured to use TCP syncookies. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
