| AIOS-17-010500 - Apple iOS/iPadOS 17 must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010500 - Apple iOS/iPadOS 17 must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010800 - Apple iOS/iPadOS 17 must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-010800 - Apple iOS/iPadOS 17 must implement the management setting: not allow use of Handoff. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-010850 - Apple iOS/iPadOS 17 must implement the management setting: not allow use of iPhone widgets on Mac. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| DTBC-0068 - Chrome development tools must be disabled. | DISA STIG Google Chrome v2r9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| ESXI-67-000030 - The ESXi host must produce audit records containing information to establish what type of events occurred. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000050 - Exchange must have Audit record parameters set. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-MB-000130 - The Exchange Public Folder database must not be overwritten by a restore. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000140 - The Exchange Mailbox database must not be overwritten by a restore. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000275 - The Exchange Receive connector timeout must be limited. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | ACCESS CONTROL |
| GEN000000-LNX00720 - Auditing must be enabled at boot by setting a kernel parameter. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN000000-LNX00800 - The system must use a Linux Security Module configured to limit the privileges of system services - 'SELINUX = enforcing' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT |
| GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group - roles=root | DISA STIG Solaris 10 X86 v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN002750 - The audit system must be configured to audit account creation - 'groupadd' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN002750 - The audit system must be configured to audit account creation - 'gshadow' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN002750 - The audit system must be configured to audit account creation - naflags +ua and -ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN002752 - The audit system must be configured to audit account disabling - naflags +ua and -ua | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'userdel' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - flags +ua and -ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - flags ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - naflags ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN002870 - The system must be configured to send audit records to a remote audit server - NFS | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002870 - The system must be configured to send audit records to a remote audit server - SYSLOG | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - config | DISA STIG Solaris 10 SPARC v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents - used | DISA STIG Solaris 10 X86 v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN008800 - The system package management tool must cryptographically verify the authenticity of software packages during installation. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN008820 - The system package management tool must not automatically obtain updates - /var/spool/cron/atjobs/* | DISA STIG Solaris 10 X86 v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008820 - The system package management tool must not automatically obtain updates - /var/spool/cron/crontabs/* | DISA STIG Solaris 10 SPARC v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GOOG-09-003400 - The Google Android Pie must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device. | MobileIron - DISA Google Android 9.x v2r1 | MDM | ACCESS CONTROL |
| JRE8-WN-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level.locked | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | CONFIGURATION MANAGEMENT |
| OL6-00-000002 - The system must use a separate file system for /var. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless it is being used to query the Oracle Unbreakable Linux Network for updates and information - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless it is being used to query the Oracle Unbreakable Linux Network for updates and information - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000092 - The system must not respond to ICMPv4 sent to a broadcast address. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000165 - The audit system must be configured to audit all attempts to alter system time through adjtimex - b32 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000165 - The audit system must be configured to audit all attempts to alter system time through adjtimex - b64 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000167 - The audit system must be configured to audit all attempts to alter system time through settimeofday - b32 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000167 - The audit system must be configured to audit all attempts to alter system time through settimeofday - b64 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000169 - The audit system must be configured to audit all attempts to alter system time through stime - b32 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000190 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr, lsetxattr, fsetxattr, removexattr, lremovexattr, and fremovexattr - b64 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b32 EACCES auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-212050 - RHEL 9 must enable mitigations against processor-based vulnerabilities. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-010200 - SQL Server default account [sa] must have its name changed. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| UBTU-24-200610 - Ubuntu 24.04 LTS must automatically lock an account until the locked account is released by an administrator when three unsuccessful logon attempts have been made. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | ACCESS CONTROL |
| WBSP-AS-001480 - The WebSphere Application servers with an RMF categorization of high must be in a high-availability (HA) cluster. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-DC-000160 - Windows Server 2022 directory service must be configured to terminate LDAP-based network connections to the directory server after five minutes of inactivity. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| WNFWA-000010 - Windows Defender Firewall with Advanced Security must log dropped packets when connected to a domain. | DISA Microsoft Windows Firewall v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WNFWA-000017 - Windows Defender Firewall with Advanced Security log size must be configured for private network connections. | DISA Microsoft Windows Firewall v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
