| 4.8 Restrict access to Tomcat catalina.properties | CIS Apache Tomcat 11 v1.0.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 18.9.24.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - Acrobat.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - AcroRd32.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - AcroRd32.exe | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - javaw.exe | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - MSACCESS.exe | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - MSACCESS.exe | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - MSPUB.exe | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - OUTLOOK.exe | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - PPTVIEW.EXE | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - VPREVIEW.EXE | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| GOOG-12-006000 - Google Android 12 must be configured to enforce a minimum password length of six characters. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-12-006000 - Google Android 12 must be configured to enforce a minimum password length of six characters. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006000 - Google Android 14 must be configured to enforce a minimum password length of six characters. | MobileIron - DISA Google Android 14 COPE STIG v2r3 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-16-006000 - Google Android 16 must be configured to enforce a minimum password length of six characters. | MobileIron - DISA Google Android 16 COPE STIG v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-002354 - OL 9 SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002355 - OL 9 SSH daemon must not allow compression or must only allow compression after successful authentication. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002357 - OL 9 must not allow a noncertificate trusted host SSH logon to the system. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002364 - OL 9 must not be configured to bypass password requirements for privilege escalation. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-002370 - OL 9 must disable the use of user namespaces. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002390 - OL 9 must clear SLUB/SLAB objects to prevent use-after-free attacks. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-002392 - OL 9 must disable the ability of systemd to spawn an interactive boot process. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002402 - OL 9 must enable kernel parameters to enforce discretionary access control on symlinks. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-002405 - OL 9 must have mail aliases to notify the information system security officer (ISSO) and system administrator (SA) (at a minimum) in the event of an audit processing failure. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-002413 - OL 9 must be configured so that the x86 Ctrl-Alt-Delete key sequence is disabled. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-002419 - OL 9 file systems must not contain shosts.equiv files. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002426 - OL 9 Trivial File Transfer Protocol (TFTP) daemon must be configured to operate in secure mode if the TFTP server is required. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002430 - OL 9 must enable hardening for the Berkeley Packet Filter (BPF) just-in-time compiler. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002510 - OL 9 must be configured so that a sticky bit must be set on all public directories. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-002512 - OL 9 local files and directories must have a valid owner. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002514 - OL 9 local interactive user home directories must be group-owned by the home directory owner's primary group. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002521 - OL 9 library directories must be owned by root. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002523 - OL 9 library files must be group owned by root or a system account. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002532 - OL 9 /etc/group file must be group-owned by root. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002537 - OL 9 /etc/group- file must have mode 0644 or less permissive to prevent unauthorized access. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002542 - OL 9 /etc/gshadow file must have mode 0000 or less permissive to prevent unauthorized access. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002546 - OL 9 /etc/passwd file must be owned by root. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002562 - OL 9 /var/log directory must have mode 0755 or less permissive. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-003001 - OL 9 duplicate User IDs (UIDs) must not exist for interactive users. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| OL09-00-003002 - OL 9 local interactive users must have a home directory assigned in the /etc/passwd file. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-003010 - OL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-003050 - OL 9 local interactive user home directories defined in the /etc/passwd file must exist. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006010 - OL 9 must not have unauthorized IP tunnels configured. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006023 - OL 9 must log IPv4 packets with impossible addresses by default. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006024 - OL 9 must use reverse path filtering on all IPv4 interfaces. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006042 - OL 9 must not forward IPv6 source-routed packets. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006043 - OL 9 must not enable IPv6 packet forwarding unless the system is a router. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006044 - OL 9 must not accept router advertisements on all IPv6 interfaces by default. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-008000 - OL 9 audit system must protect logon UIDs from unauthorized change. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-900140 - OL 9 must only allow the use of DOD PKI-established certificate authorities for authentication in the establishment of protected sessions to OL 9. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
