| 2.022 - Disallow AutoPlay/Autorun from Autorun.inf | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.030 - Anonymous access to the registry must be restricted. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 3.061 - Unencrypted remote access is permitted to system services. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 4.005 - Unapproved Users have access to Debug programs. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 4.009 - Unauthorized users are granted right to Act as part of the operating system. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 4.027 - Only administrators responsible for the system must have Administrator rights on the system. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| CD12-00-008000 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-008200 - PostgreSQL must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owner's requirements. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvclean.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvnames.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvnames.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-001 - The anti-virus signature file age must not exceed 7 days - avvscan.dat | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTBI999-IE11 - The version of Internet Explorer running on the system must be a supported version. | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO999-Word13 - The version of Microsoft Word running on the system must be a supported version. | DISA STIG Microsoft Word 2013 v1r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-004800 - When using command-line tools such as psql, users must use a logon method that does not expose the password. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000295 - The FortiGate device must be configured to send log data to a central log server for the purpose of forwarding alerts to the administrators and the ISSO. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| GEN001100 - Root passwords must never be passed over a network in clear text form - 'root has logged in over a network' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN003850 - The telnet daemon must not be running. | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN005500 - The SSH daemon must be configured to only use the SSHv2 protocol. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN006380 - The system must not use UDP for NIS/NIS+. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GOOG-09-999999 - All Google Android 9 installations must be removed. | AirWatch - DISA Google Android 9.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-010800 - Google Android 11 devices must have the latest available Google Android 11 operating system installed. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-011-999999 - All Google Android 11 installations must be removed. | MobileIron - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-010800 - Android 12 devices must have the latest available Google Android 12 operating system installed. | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-008400 - On all Honeywell Mobility Edge Android Pie devices, cryptography must be configured to be in FIPS 140-2 validated mode. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-010900 - Honeywell Mobility Edge Android Pie devices must have a NIAP validated Honeywell Mobility Edge Android Pie devices operating system installed. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-999999 - All Honeywell Android 9 installations must be removed. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-018900 - The Samsung Android 7 with Knox must use a NIAP certified container for work data and applications. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| MD4X-00-003800 - MongoDB must protect the confidentiality and integrity of all information at rest. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MOTO-09-999999 - All Motorola Android 9 installations must be removed. | AirWatch - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-999999 - All Motorola Android 9 installations must be removed. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-010800 - Microsoft Android 11 devices must have the latest available Microsoft Android 11 operating system installed. | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| PHTN-67-000999 - The version of the Photon OS running on the server must be a supported version. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010291 - The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000460 - Splunk Enterprise must be configured to protect the confidentiality and integrity of transmitted information. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-016500 - SQL Server must have the SQL Server Data Tools (SSDT) software component removed from SQL Server if SSDT is unused. | DISA STIG SQL Server 2012 Database OS Audit v1r20 | Windows | CONFIGURATION MANAGEMENT |
| SYMP-AG-000300 - Symantec ProxySG must be configured to prohibit or restrict the use of network services as defined in the PPSM CAL and vulnerability assessments. - Destination | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT |
| SYMP-AG-000300 - Symantec ProxySG must be configured to prohibit or restrict the use of network services as defined in the PPSM CAL and vulnerability assessments. - Source | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT |
| SYMP-AG-000320 - Symantec ProxySG must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users) - Domain Joined | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000340 - Symantec ProxySG providing user authentication intermediary services must restrict user authentication traffic to specific authentication servers - Domain joined | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000220 - Symantec ProxySG must use only approved management services protocols. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | CONFIGURATION MANAGEMENT |
| SYMP-NM-000320 - Symantec ProxySG must enable Attack Detection. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCENTER-000099 - The version of vCenter running on the server must be a supported version. | DISA STIG VMWare ESXi vCenter 5 STIG v2r1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000999 - The version of Virgo-Client running on the system must be a supported version. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCLD-67-000034 - VAMI must implement TLS1.2 exclusively - sslv3 | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-67-000034 - VAMI must implement TLS1.2 exclusively - tlsv10 | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VMCH-67-000999 - The version of VMM running on the server must be a supported version. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| WINGE-000100 - EMET v5.5 or later must be installed on the system. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
