| 18.9.24.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - OIS.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 (L1) Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - WINWORD.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DTOO126 - Add-on Management functionality must be allowed. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO132 - File Downloads must be configured for proper restrictions. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO209 - Protection from zone elevation must be enforced. | DISA STIG Microsoft OneNote 2013 v1r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO999-Groove - The version of Groove running on the system must be a supported version. | DISA STIG Microsoft Groove 2013 v1r4 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| FGFW-ND-000020 - The FortiGate device must automatically audit account removal actions | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000030 - The FortiGate device must have only one local account to be used as the account of last resort in the event the authentication server is unavailable. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| FGFW-ND-000065 - The FortiGate device must generate audit records when successful/unsuccessful attempts to modify administrator privileges occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000075 - The FortiGate device must generate audit records when successful/unsuccessful logon attempts occur | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY |
| FGFW-ND-000155 - The FortiGate device must limit privileges to change the software resident within software libraries. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT |
| FGFW-ND-000175 - The FortiGate device must generate log records for a locally developed list of auditable events | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| FGFW-ND-000180 - The FortiGate device must conduct backups of system-level information contained in the information system when changes occur. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING |
| FGFW-ND-000215 - The FortiGate device must authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000225 - The FortiGate device must enforce password complexity by requiring that at least one uppercase character be used. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000280 - The FortiGate device must generate unique session identifiers using a FIPS 140-2-approved random number generator. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000295 - The FortiGate device must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-000006 - OL 9 must use a separate file system for /var/log. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000010 - OL 9 must be a vendor supported release. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-000020 - OL 9 must be configured so that the graphical display manager is not the default target unless approved. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000042 - OL 9 must be configured to disable the FireWire kernel module. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000044 - OL 9 must disable the Transparent Inter Process Communication (TIPC) kernel module. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000140 - OL 9 must not have the quagga package installed. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000232 - OL 9 must restrict privilege elevation to authorized personnel. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000244 - OL 9 cryptographic policy files must match files shipped with the operating system. | DISA Oracle Linux 9 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-000252 - The OL 9 SSH daemon must be configured to use systemwide cryptographic policies. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-000255 - OL 9 SSH server must be configured to use only Message Authentication Codes (MACs) employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH server connections. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-000261 - OL 9 SSH client must be configured to use only DOD-approved encryption ciphers employing FIPS 140-3 validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. | DISA Oracle Linux 9 STIG v1r4 | Unix | ACCESS CONTROL |
| OL09-00-000286 - OL 9 must use the SSSD package for multifactor authentication services. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000304 - OL 9 must be configured so that the file integrity tool verifies extended attributes. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000401 - OL 9 must be configured so that the pcscd service is active. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000499 - OL 9 must ensure cryptographic verification of vendor software packages. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000545 - OL 9 must audit all uses of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000550 - OL 9 must audit all uses of the chage command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000580 - OL 9 must audit all uses of the newgrp command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000630 - OL 9 must audit all uses of the mount command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000665 - OL 9 must audit all uses of the chacl command. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OL09-00-000710 - OL 9 must use cryptographic mechanisms to protect the integrity of audit tools. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000735 - OL 9 must be configured so that successful/unsuccessful uses of the poweroff command generate an audit record. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000740 - OL 9 must be configured so that successful/unsuccessful uses of the reboot command generate an audit record. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000790 - OL 9 audit log directory must be owned by root to prevent unauthorized read access. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-000810 - OL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000855 - OL 9 must be configured to offload audit records onto a different system from the system being audited via syslog. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000865 - OL 9 must take action when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | DISA Oracle Linux 9 STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000925 - OL 9 must enable certificate-based smart card authentication. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000930 - OL 9 must implement certificate status checking for multifactor authentication (MFA). | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001000 - OL 9 must ensure the password complexity module is enabled in the system-auth file. | DISA Oracle Linux 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-001025 - OL 9 must require the change of at least eight characters when passwords are changed. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001045 - OL 9 must enforce password complexity rules for the root account. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-001050 - OL 9 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | DISA Oracle Linux 9 STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
