| 1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| DTOO218 - Outlook - Level of calendar details that a user can publish must be restricted. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO221 - Outlook - Junk Mail UI must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO224 - Outlook - Recipients of sent email must be unable to be added to the safe sender's list. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO226 - Outlook - Dial-up and Hang up Options for Outlook must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO229 - Outlook - Outlook must be enforced as the default email, calendar, and contacts program. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO230 - Outlook - Folders in non-default stores, set as folder home pages, must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO270 - Outlook - External content and pictures in HTML eMail must be displayed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO282 - Outlook - RSS Feeds must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO314 - Outlook - Default message format must be set to use Plain Text. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO425 - Text in Outlook that represents Internet and network paths must not be automatically turned into hyperlinks. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| GEN003320 - System accounts must not be listed in at.allow or must be included in at.deny - 'uucp' - at.deny | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003360 - The at daemon must not execute group-writable or world-writable programs. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003510 - Kernel core dumps must be disabled unless needed - 'secondary dump device' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003600 - The system must not forward IPv4 source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003720 - The inetd.conf file, xinetd.conf file, and the xinetd.d directory must be owned by root or bin - 'xinetd.d' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003740 - The inetd.conf and xinetd.conf files must have mode 0440 or less permissive - 'inetd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003760 - The services file must be owned by root or bin. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003780 - The services file must have mode 0444 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003865 - Network analysis tools must not be installed - 'tcpdump' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003920 - The hosts.lpd (or equivalent) file must be owned by root, bin, sys, or lp | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003940 - The hosts.lpd (or equivalent) must have mode 0644 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN004840 - If the system is an anonymous FTP server, it must be isolated to the DMZ network. | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN005180 - All .Xauthority files must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005320 - The snmpd.conf file must have mode 0600 or less permissive - '/etc/snmpd.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005350 - Management Information Base (MIB) files must not have extended ACLs. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005375 - The snmpd.conf file must not have an extended ACL - '/etc/snmpdv3.conf' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005395 - The /etc/syslog.conf file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005506 - The SSH daemon must be configured to not use Cipher-Block Chaining (CBC) ciphers. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005521 - The SSH daemon must restrict login ability to specific users and/or groups. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005539 - The SSH daemon must not allow compression or must only allow compression after successful authentication. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005550 - The SSH daemon must be configured with the Department of Defense (DoD) logon banner - 'Banner file contents' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005570 - The system must be configured with a default gateway for IPv6 if the system uses IPv6, unless the system is a router. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005610 - The system must not have IP forwarding for IPv6 enabled, unless the system is an IPv6 router. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005800 - All NFS-exported system files and system directories must be owned by root. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005810 - All NFS-exported system files and system directories must be group-owned by root, bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN005840 - The NFS server must be configured to restrict file system access to local hosts - 'Exports containing rw should be reviewed' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006120 - The /usr/lib/smb.conf file must be group-owned by bin, sys, or system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006200 - The /var/private/smbpasswd file must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006260 - The /etc/news/hosts.nntp (or equivalent) must have mode 0600 or less permissive. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006330 - The /etc/news/passwd.nntp file must not have an extended ACL. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006420 - NIS maps must be protected through hard-to-guess domain names. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006600 - The system's access control program must log each system access attempt - 'auth.info' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program - 'names.dat' - update date | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program - 'uvscan exists in crontabs' | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN007720 - The IPv6 protocol handler must be prevented from dynamic loading unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007840 - The DHCP client must be disabled if not needed. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN007850 - The DHCP client must not send dynamic DNS updates - 'updateDNS exists in /etc/dhcpc.opt' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN008120 - If the system is using LDAP the /etc/ldap.conf file must not have an extended ACL | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN008180 - The TLS certificate authority file must have mode 0644 (0755 for directories) or less permissive | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
