| AIOS-02-080102 - Apple iOS must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-12-000200 - Apple iOS must be configured to not allow passwords that include more than two repeating or sequential characters. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-13-000400 - Apple iOS/iPadOS must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL |
| AIOS-13-011100 - Apple iOS/iPadOS must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | ACCESS CONTROL |
| AIOS-13-012100 - Apple iOS/iPadOS must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-001000 - Apple iOS/iPadOS 15 must provide the capability for the Administrator (MDM) to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-712300 - Apple iOS/iPadOS 16 must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-011600 - Apple iOS/iPadOS 17 must implement the management setting: not have any Family Members in Family Sharing. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| AOSX-15-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - DisabledPreferencePanes | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-13-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple macOS 13 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000160 - The Cisco switch must have Storm Control configured on all host-facing switchports. | DISA STIG Cisco IOS Switch L2S v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-L2-000170 - The Cisco switch must have IGMP or MLD Snooping configured on all VLANs. | DISA STIG Cisco IOS XE Switch L2S v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000070 - The Cisco router must be configured to have all non-essential capabilities disabled. | DISA STIG Cisco IOS-XR Router RTR v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000200 - The Cisco router must be configured to log all packets that have been dropped at interfaces via ACL. | DISA STIG Cisco IOS-XR Router RTR v3r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000200 - The Cisco switch must be configured to log all packets that have been dropped at interfaces via an access control list (ACL). | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000570 - The Cisco BGP router must be configured to limit the prefix size on any inbound route advertisement to /24, or the least significant prefixes issued to the customer. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000580 - The Cisco BGP router must be configured to use its loopback address as the source address for iBGP peering sessions. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | CONTINGENCY PLANNING |
| CISC-RT-000690 - The Cisco PE router must be configured to enforce the split-horizon rule for all pseudowires within a Virtual Private LAN Services (VPLS) bridge domain. | DISA STIG Cisco IOS-XR Router RTR v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) router must be configured to filter Protocol Independent Multicast (PIM) Join messages received from the Designated Router (DR) for any undesirable multicast groups. | DISA STIG Cisco IOS-XR Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries. | DISA STIG Cisco IOS XE Router RTR v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA STIG Cisco IOS-XR Router RTR v3r2 | Cisco | ACCESS CONTROL |
| JUSX-DM-000001 - The Juniper SRX Services Gateway must limit the number of concurrent sessions to a maximum of 10 or less for remote access using SSH. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | ACCESS CONTROL |
| JUSX-DM-000040 - The Juniper SRX Services Gateway must generate log records when successful attempts to configure the device and use commands occur. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUSX-DM-000046 - The Juniper SRX Services Gateway must generate log records when concurrent logons from different workstations occur. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000182 - The audit system must be configured to audit modifications to the systems network configuration - /etc/hosts | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000182 - The audit system must be configured to audit modifications to the systems network configuration - /etc/sysconfig/network | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000183 - The audit system must be configured to audit modifications to the systems Mandatory Access Control (MAC) configuration (SELinux). | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000185 - The audit system must be configured to audit all discretionary access control permission modifications using chown - auid>=500 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000187 - The audit system must be configured to audit all discretionary access control permission modifications using fchmodat - auid>=500 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000188 - The audit system must be configured to audit all discretionary access control permission modifications using fchown - auid>=500 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000189 - The audit system must be configured to audit all discretionary access control permission modifications using fchownat - auid>=500 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000190 - The audit system must be configured to audit all discretionary access control permission modifications using fremovexattr - auid=0 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000190 - The audit system must be configured to audit all discretionary access control permission modifications using fremovexattr - auid>=500 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000191 - The audit system must be configured to audit all discretionary access control permission modifications using fsetxattr - auid=0 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000193 - The audit system must be configured to audit all discretionary access control permission modifications using lremovexattr - auid=0 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000193 - The audit system must be configured to audit all discretionary access control permission modifications using lremovexattr - auid=0 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000193 - The audit system must be configured to audit all discretionary access control permission modifications using lremovexattr - auid>=500 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - rmdir 64 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlink 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlinkat 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000231 - The SSH daemon must set a timeout count on idle sessions. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | MAINTENANCE |
| RHEL-06-000261 - The Automatic Bug Reporting Tool (abrtd) service must not be running - 'PROCESS_CHECK'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000266 - The oddjobd service must not be running - 'PROCESS_CHECK'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000294 - All GIDs referenced in /etc/passwd must be defined in /etc/group | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000299 - The system must require passwords to contain no more than three consecutive repeating characters - system-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000335 - The operating system must manage information system identifiers for users and devices by disabling the user identifier after an organization defined time period of inactivity. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000339 - The FTP daemon must be configured for logging or verbose mode - 'xferlog_std_format = no'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000516 - The system package management tool must verify ownership on all files and directories associated with packages. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000525 - Auditing must be enabled at boot by setting a kernel parameter - UEFI | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-021330 - The Red Hat Enterprise Linux operating system must use a separate file system for the system audit data path. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
