Item Search

NameAudit NamePluginCategory
AADC-CL-000280 - Adobe Acrobat Pro DC Classic access to unknown websites must be restricted.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CL-000285 - Adobe Acrobat Pro DC Classic access to websites must be blocked.DISA STIG Adobe Acrobat Pro DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CN-000285 - Adobe Acrobat Pro DC Continuous access to websites must be blocked.DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1Windows

CONFIGURATION MANAGEMENT

AADC-CN-001295 - Adobe Acrobat Pro DC Continuous Repair Installation must be disabled.DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1Windows

CONFIGURATION MANAGEMENT

ARDC-CL-000120 - Adobe Reader DC must disable Service Upgrades.DISA STIG Adobe Acrobat Reader DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

AS24-W1-000950 - The Apache web server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

CONFIGURATION MANAGEMENT

CISC-RT-000200 - The Cisco switch must be configured to log all packets that have been dropped at interfaces via an access control list (ACL).DISA STIG Cisco IOS Switch RTR v3r1Cisco

AUDIT AND ACCOUNTABILITY

CISC-RT-000570 - The Cisco BGP router must be configured to limit the prefix size on any inbound route advertisement to /24, or the least significant prefixes issued to the customer.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000580 - The Cisco BGP router must be configured to use its loopback address as the source address for iBGP peering sessions.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

CONTINGENCY PLANNING

CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) router must be configured to filter Protocol Independent Multicast (PIM) Join messages received from the Designated Router (DR) for any undesirable multicast groups.DISA STIG Cisco IOS-XR Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000820 - The Cisco multicast Rendezvous Point (RP) router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000830 - The Cisco multicast Rendezvous Point (RP) router must be configured to filter Protocol Independent Multicast (PIM) Register messages received from the Designated Router (DR) for any undesirable multicast groups and sources.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

ACCESS CONTROL

CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources.DISA STIG Cisco IOS-XR Router RTR v3r2Cisco

ACCESS CONTROL

CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

ACCESS CONTROL

CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000930 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

ACCESS CONTROL

IIST-SV-000210 - HTTPAPI Server version must be removed from the HTTP Response Header information.DISA IIS 10.0 Server v2r10Windows

SYSTEM AND INFORMATION INTEGRITY

JUNI-RT-000060 - The Juniper router must be configured to have all inactive interfaces disabled.DISA STIG Juniper Router RTR v3r2Juniper

ACCESS CONTROL

JUNI-RT-000230 - The Juniper router must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication.DISA STIG Juniper Router RTR v3r2Juniper

ACCESS CONTROL

PANW-NM-000029 - The Palo Alto Networks security platform must produce audit log records containing information (FQDN, unique hostname, management IP address) to establish the source of eventsDISA STIG Palo Alto NDM v3r2Palo_Alto

AUDIT AND ACCOUNTABILITY

SLES-12-010120 - The SUSE operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types.DISA SLES 12 STIG v3r2Unix

ACCESS CONTROL

SLES-12-010530 - The SUSE operating system file integrity tool must be configured to verify extended attributes.DISA SLES 12 STIG v3r2Unix

CONFIGURATION MANAGEMENT

SLES-12-010850 - A separate file system must be used for SUSE operating system user home directories (such as /home or an equivalent).DISA SLES 12 STIG v3r2Unix

CONFIGURATION MANAGEMENT

UBTU-18-010032 - The Ubuntu operating system must display the date and time of the last successful account logon upon logon.DISA STIG Ubuntu 18.04 LTS v2r15Unix

ACCESS CONTROL

UBTU-18-010314 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks worth of audit records, when audit records are not immediately sent to a central audit record storage facility.DISA STIG Ubuntu 18.04 LTS v2r15Unix

AUDIT AND ACCOUNTABILITY

UBTU-18-010503 - The Ubuntu operating system must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT).DISA STIG Ubuntu 18.04 LTS v2r15Unix

AUDIT AND ACCOUNTABILITY

WN10-CC-000030 - The system must be configured to prevent Internet Control Message Protocol (ICMP) redirects from overriding Open Shortest Path First (OSPF) generated routes.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN10-CC-000197 - Microsoft consumer experiences must be turned off.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN10-SO-000050 - The computer account password must not be prevented from being reset.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN12-00-000014 - System-level information must be backed up in accordance with local recovery time and recovery point objectives.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-00-000014 - System-level information must be backed up in accordance with local recovery time and recovery point objectives.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000006 - All Direct Access traffic must be routed through the internal network.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000020 - An Error Report must not be sent when a generic device driver is installed.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000062 - Remote Assistance log files must be generated.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000067 - Access to Windows Online Troubleshooting Service (WOTS) must be prevented.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000070 - Trusted app installation must be enabled to allow for signed enterprise line of business apps.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000121 - Users must not be presented with Privacy and Installation options on first use of Windows Media Player.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-GE-000014 - Outdated or unused accounts must be removed from the system or disabled.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

IDENTIFICATION AND AUTHENTICATION

WN12-SO-000016 - The maximum age for machine account passwords must be set to requirements.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-SO-000018 - The system must be configured to prevent the display of the last username on the logon screen.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-SO-000025 - Users must be warned in advance of their passwords expiring.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-SO-000037 - IPv6 source routing must be configured to the highest protection level.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP).DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-SO-000047 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-UC-000006 - Toast notifications to the lock screen must be turned off.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN16-00-000470 - Secure Boot must be enabled on Windows Server 2016 systems.DISA Microsoft Windows Server 2016 STIG v2r10Windows

CONFIGURATION MANAGEMENT

WN19-00-000180 - Windows Server 2019 non-administrative accounts or groups must only have print permissions on printer shares.DISA Microsoft Windows Server 2019 STIG v3r4Windows

ACCESS CONTROL

WN19-CC-000260 - Windows Server 2019 Windows Update must not obtain updates from other PCs on the Internet.DISA Microsoft Windows Server 2019 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WNFWA-000011 - Windows Defender Firewall with Advanced Security must log successful connections when connected to a domain.DISA Microsoft Windows Firewall v2r2Windows

AUDIT AND ACCOUNTABILITY

WNFWA-000029 - Windows Defender Firewall with Advanced Security must log successful connections when connected to a public network.DISA Microsoft Windows Firewall v2r2Windows

AUDIT AND ACCOUNTABILITY