| AIX7-00-001007 - If AIX is using LDAP for authentication or account information, the /etc/ldap.conf file (or equivalent) must not contain passwords. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001120 - AIX must enforce password complexity by requiring that at least one upper-case character be used. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001121 - AIX must enforce password complexity by requiring that at least one lower-case character be used. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001122 - AIX must enforce password complexity by requiring that at least one numeric character be used. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001123 - AIX must require the change of at least 50% of the total number of characters when passwords are changed. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001128 - AIX must use Loadable Password Algorithm (LPA) password hashing algorithm. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001129 - AIX must enforce a minimum 15-character password length. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-003022 - AIX must disable trivial file transfer protocol. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AS24-U1-000520 - The Apache web server must generate a session ID using as much of the character set as possible to reduce the risk of brute force. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000520 - The Apache web server must generate a session ID using as much of the character set as possible to reduce the risk of brute force. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000620 - The Cisco router must only store cryptographic representations of passwords. | DISA Cisco IOS Router NDM STIG v3r4 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-000620 - The Cisco switch must only store cryptographic representations of passwords. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| ESXI-80-000133 - The ESXi Image Profile and vSphere Installation Bundle (VIB) acceptance level must be verified. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000001 - The system must control virtual machine access to host resources - 'Memory limit' | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000001 - The system must control virtual machine access to host resources - 'Memory reservation' | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000001 - The system must control virtual machine access to host resources - 'Memory share' | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000007 - The system must disable virtual disk shrinking. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| ESXI5-VM-000010 - The system must not use independent, non-persistent disks. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| GEN000000-LNX00320 - The system must not have special privilege accounts, such as shutdown and halt - /etc/passwd reboot' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| GEN000100 - The operating system must be a supported release. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| GEN004220 - Administrative accounts must not run a web browser, except as needed for local service administration. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN004400 - Files executed through a mail aliases file must be owned by root and must reside within a directory owned and writable only by root. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN004600 - The SMTP service must be an up-to-date version - 'postfix' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/etc/aliases' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/usr/lib/aliases' | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| GEN005000 - Anonymous FTP accounts must not have a functional shell. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005100 - The TFTP daemon must have mode 0755 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005200 - X displays must not be exported to the world. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| GEN008600-ESXI5-000050 - The system must be configured to only boot from the system boot device. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| JUSX-VN-000005 - The Juniper SRX Services Gateway VPN must use AES encryption for the IPsec proposal to protect the confidentiality of remote access sessions. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | ACCESS CONTROL |
| JUSX-VN-000006 - The Juniper SRX Services Gateway VPN must use AES encryption for the Internet Key Exchange (IKE) proposal to protect the confidentiality of remote access sessions. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | ACCESS CONTROL |
| O121-C2-014600 - The DBMS must support organizational requirements to enforce password encryption for storage. | DISA STIG Oracle 12c v3r2 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-020060 - The Oracle Linux operating system must prevent the installation of software, patches, service packs, device drivers, or operating system components of local packages without verification they have been digitally signed using a certificate that is issued by a Certificate Authority (CA) that is recognized and approved by the organization - CA that is recognized and approved by the organization. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| SQL6-D0-007900 - If DBMS authentication using passwords is employed, SQL Server must enforce the DOD standards for password complexity and lifetime. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SRG-OS-000033-ESXI5 - The operating system must use cryptography to protect the confidentiality of remote access sessions. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | ACCESS CONTROL |
| SRG-OS-000090-ESXI5 - The system must verify the integrity of the installation media before installing ESXi. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-000095-ESXI5 - Inetd and xinetd must be disabled or removed if no network services utilizing them are enabled. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-000112-ESXI5 - The SSH daemon must be configured to only use the SSHv2 protocol. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-000113-ESXI5 - The operating system must use organization-defined replay-resistant authentication mechanisms for network access to non-privileged accounts. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-000193-ESXI5 - The Image Profile and VIB Acceptance Levels must be verified. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-000248-ESXI5 - There must be no .rhosts or hosts.equiv files on the system. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| TCAT-AS-000630 - TLS must be enabled on JMX. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN10-AC-000045 - Reversible password encryption must be disabled. | DISA Microsoft Windows 10 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN10-CC-000315 - The Windows Installer Always install with elevated privileges must be disabled. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN10-SO-000195 - The system must be configured to prevent the storage of the LAN Manager hash of passwords. | DISA Microsoft Windows 10 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-AC-000090 - Windows Server 2019 reversible password encryption must be disabled. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-CC-000430 - Windows Server 2019 must disable the Windows Installer Always install with elevated privileges option. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-SO-000300 - Windows Server 2019 must be configured to prevent the storage of the LAN Manager hash of passwords. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
