| 2.2.4.7.4 Ensure 'Scan encrypted macros in Excel Open XML workbooks' is set to 'Enabled: Scan encrypted macros (default)' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.27.16 (L1) Ensure 'Macro Runtime Scan Scope' is set to 'Enabled: Enable for all documents' | CIS Microsoft Intune for Office v1.1.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 2.3.27.16 Ensure 'Macro Runtime Scan Scope' is set to 'Enabled: Enable for all documents' | CIS Microsoft Office Enterprise v1.2.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM149 - McAfee VirusScan Access Protection: Anti-Virus Standard Protection must be set to prevent remote creation of autorun files. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM150 - McAfee VirusScan Access Protection: Anti-Virus Standard Protection must be set to prevent mass mailing worms from sending mail. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAM151 - McAfee VirusScan Access Protection: Anti-Virus Standard Protection must be set to prevent IRC communication. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAVSEL-013 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-014 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to Quarantine if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-100 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-100 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to run a scheduled On-Demand scan at least once a week. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-101 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decompress archives when scanning. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-103 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find unknown macro viruses. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-104 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to find potentially unwanted programs. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-106 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-106 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-107 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-107 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-112 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to decode MIME encoded files. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTBC-0052 - Deletion of browser history must be disabled. | DISA STIG Google Chrome v2r9 | Windows | AUDIT AND ACCOUNTABILITY |
| DTBI760 - Browser must retain history on exit. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| DTBI760-IE11 - Browser must retain history on exit. | DISA STIG IE 11 v2r5 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-ED-000720 - The application must configure malicious code protection mechanisms to perform periodic scans of the information system every seven days. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-000720 - The application must configure malicious code protection mechanisms to perform periodic scans of the information system every seven days. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AS-000109 - The BIG-IP ASM module must be configured to update malicious code protection mechanisms and signature definitions when providing content filtering to virtual servers for whenever new releases are available in accordance with organizational configuration management policy and procedures. | DISA F5 BIG-IP Application Security Manager STIG v2r2 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| Flaw Remediation - Review version of running image | Tenable Cisco Viptela SD-WAN - vBond | Cisco_Viptela | SYSTEM AND INFORMATION INTEGRITY |
| Flaw Remediation - Review version of running image | Tenable Cisco Viptela SD-WAN - vEdge | Cisco_Viptela | CONFIGURATION MANAGEMENT |
| Flaw Remediation - Review version of running image | Tenable Cisco Viptela SD-WAN - vSmart | Cisco_Viptela | SYSTEM AND INFORMATION INTEGRITY |
| Flaw Remediation - Review version of running image | Tenable Cisco Viptela SD-WAN - vManage | Cisco_Viptela | SYSTEM AND INFORMATION INTEGRITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program - 'clean.dat' | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program - 'clean.dat' - update date | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program - 'names.dat' | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program - 'names.dat' - update date | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program - 'scan.dat' | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program - 'scan.dat' - update date | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program - 'uvscan exists in crontabs' | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006640 - The system must use and update a DoD-approved virus scan program. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008380 - A root kit check tool must be run on the system at least weekly. | DISA STIG AIX 5.3 v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-IP-000008 - The Juniper Networks SRX Series Gateway IDPS must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-IP-000009 - The Juniper Networks SRX Series Gateway IDPS must block any prohibited mobile code at the enclave boundary when it is detected. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| Macro Runtime Scan Scope | MSCT Microsoft 365 Apps for Enterprise 2112 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Macro Runtime Scan Scope | MSCT Office 365 ProPlus 1908 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| O365-CO-000001 - The Macro Runtime Scan Scope must be enabled for all documents. | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-IP-000020 - The Palo Alto Networks security platform must detect and deny any prohibited mobile or otherwise malicious code at the enclave boundary | DISA STIG Palo Alto IDPS v3r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-IP-000026 - The Palo Alto Networks security platform must detect and drop any prohibited mobile or otherwise malicious code at internal boundaries | DISA STIG Palo Alto IDPS v3r1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| SP13-00-000140 - SharePoint must prevent non-privileged users from circumventing malicious code protection capabilities. | DISA STIG SharePoint 2013 v2r4 | Windows | ACCESS CONTROL |
| UBTU-16-030910 - The system must update the DoD-approved virus scan program every seven days or more frequently. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WN10-00-000045 - The Windows 10 system must use an anti-virus program. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WPAW-00-000200 - Site IT resources designated as high value by the Authorizing Official (AO) must be remotely managed only via a Windows privileged access workstation (PAW) - AO must be remotely managed only via PAW | DISA MS Windows Privileged Access Workstation v3r1 | Windows | CONFIGURATION MANAGEMENT |
