| 3.1.2 Ensure wireless interfaces are disabled | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-15-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - DisableBluetooth | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple macOS 12 v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000900 - The Apache web server must remove all export ciphers to protect the confidentiality and integrity of transmitted information. | DISA STIG Apache Server 2.4 Unix Server v3r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000900 - The Apache web server must remove all export ciphers to protect the confidentiality and integrity of transmitted information. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - Session On | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000880 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - Session On | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000880 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - SessionCookieName | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W2-000880 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to force the encryption of cookies - SessionCryptoPassphrase | DISA STIG Apache Server 2.4 Windows Site v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-65-000050 - The ESXi host must protect the confidentiality and integrity of transmitted information by protecting IP based management traffic. | DISA STIG VMware vSphere ESXi 6.5 v2r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000150 - Exchange OWA must use https - Internal | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000340 - Exchange internal Receive connectors must require encryption. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000680 - Exchange internal Receive connectors must require encryption. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - DomainSecureEnabled | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - DomainSecureEnabled | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - RequireTLS | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsAuthLevel | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsDomain | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - TlsDomain | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SV-000154 - The IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version. | DISA IIS 10.0 Server v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SI-000244 - IIS 8.5 website session IDs must be sent to the client using TLS. | DISA IIS 8.5 Site v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000152 - IIS 8.5 web server session IDs must be sent to the client using TLS. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000154 - A web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000650 - JBoss must be configured to use an approved TLS version. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000308 - OHS must have the LoadModule ossl_module directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000309 - OHS must have the SSLFIPS directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000310 - OHS must have the SSLEngine, SSLProtocol, SSLWallet directives enabled and configured to prevent unauthorized disclosure of information during transmission - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000311 - OHS must have the SSLCipherSuite directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000313 - OHS must have the WLSSLWallet directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000315 - If using the WebLogic Web Server Proxy Plugin and configuring SSL termination at OHS, OHS must have the WLProxySSL directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000320 - OHS must have the LoadModule ossl_module directive enabled to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000322 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-040310 - The Oracle Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission. | DISA Oracle Linux 7 STIG v3r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060070 - The operating system must protect the integrity of transmitted information. | DISA STIG Solaris 11 X86 v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SPLK-CL-000070 - Splunk Enterprise must use SSL to protect the confidentiality and integrity of transmitted information. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010521 - The Ubuntu operating system must disable all wireless network adapters. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010042 - The Ubuntu operating system must use SSH to protect the confidentiality and integrity of transmitted information. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SC-000028 - The Windows 2012 DNS Server must protect the integrity of transmitted information. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000035 - Outgoing secure channel traffic must be encrypted or signed. | DISA Microsoft Windows 11 STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000040 - Outgoing secure channel traffic must be encrypted. | DISA Microsoft Windows 11 STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000045 - Outgoing secure channel traffic must be signed. | DISA Microsoft Windows 11 STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000060 - Windows Server 2022 setting Domain member: Digitally encrypt or sign secure channel data (always) must be configured to Enabled. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000110 - Windows Server 2022 must be configured to require a strong session key. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000160 - Windows Server 2022 setting Microsoft network client: Digitally sign communications (always) must be configured to Enabled. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000170 - Windows Server 2022 setting Microsoft network client: Digitally sign communications (if server agrees) must be configured to Enabled. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000190 - Windows Server 2022 setting Microsoft network server: Digitally sign communications (always) must be configured to Enabled. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
