Item Search

NameAudit NamePluginCategory
AADC-CN-001310 - The Adobe Acrobat Pro DC Continuous Welcome Screen must be disabled.DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1Windows

CONFIGURATION MANAGEMENT

AIOS-12-012100 - Apple iOS must implement the management setting: force Apple Watch wrist detection.MobileIron - DISA Apple iOS 12 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-13-012100 - Apple iOS/iPadOS must implement the management setting: force Apple Watch wrist detection.AirWatch - DISA Apple iOS/iPadOS 13 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-15-001000 - Apple iOS/iPadOS 15 must provide the capability for the Administrator (MDM) to perform the following management function: enable/disable VPN protection across the device and [selection: other methods].MobileIron - DISA Apple iOS/iPadOS 14 v1r4MDM

CONFIGURATION MANAGEMENT

AIOS-16-712300 - Apple iOS/iPadOS 16 must not allow managed apps to write contacts to unmanaged contacts accounts.MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1MDM

CONFIGURATION MANAGEMENT

AIOS-16-712400 - Apple iOS/iPadOS 16 must not allow unmanaged apps to read contacts from managed contacts accounts.AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1MDM

CONFIGURATION MANAGEMENT

AIOS-17-011600 - Apple iOS/iPadOS 17 must implement the management setting: not have any Family Members in Family Sharing.MobileIron - DISA Apple iOS/iPadOS 17 v2r1MDM

CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

AIOS-17-012500 - Apple iOS/iPadOS 17 must implement the management setting: disable AirDrop.MobileIron - DISA Apple iOS/iPadOS 17 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-17-013100 - Apple iOS/iPadOS 17 must disable 'Find My Friends' in the 'Find My' app - Find My app.AirWatch - DISA Apple iOS/iPadOS 17 v2r1MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

ARDC-CL-000070 - Adobe Reader DC must disable the Adobe Repair Installation.DISA STIG Adobe Acrobat Reader DC Classic Track v2r1Windows

CONFIGURATION MANAGEMENT

CISC-L2-000090 - The Cisco switch must have Root Guard enabled on all switch ports connecting to access layer switches.DISA STIG Cisco IOS XE Switch L2S v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-L2-000270 - The Cisco switch must not have any switchports assigned to the native VLAN.DISA STIG Cisco IOS Switch L2S v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000060 - The Cisco router must be configured to have all inactive interfaces disabled.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

ACCESS CONTROL

CISC-RT-000200 - The Cisco router must be configured to log all packets that have been dropped at interfaces via ACL.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

AUDIT AND ACCOUNTABILITY

CISC-RT-000230 - The Cisco router must be configured to disable the auxiliary port unless it is connected to a secured modem providing encryption and authentication.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

ACCESS CONTROL

CISC-RT-000300 - The Cisco perimeter router must be configured to not redistribute static routes to an alternate gateway service provider into BGP or an Interior Gateway Protocol (IGP) peering with the NIPRNet or to other autonomous systems.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

ACCESS CONTROL

CISC-RT-000470 - The Cisco BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM).DISA STIG Cisco IOS XE Router RTR v3r2Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000470 - The Cisco BGP switch must be configured to enable the Generalized TTL Security Mechanism (GTSM).DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000590 - The Cisco MPLS router must be configured to use its loopback address as the source address for LDP peering sessions.DISA STIG Cisco IOS-XR Router RTR v3r2Cisco

CONTINGENCY PLANNING

CISC-RT-000810 - The Cisco multicast edge switch must be configured to establish boundaries for administratively scoped multicast traffic.DISA STIG Cisco IOS Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000830 - The Cisco multicast Rendezvous Point (RP) switch must be configured to filter Protocol Independent Multicast (PIM) Register messages received from the Designated switch (DR) for any undesirable multicast groups and sources.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000840 - The Cisco multicast Rendezvous Point (RP) switch must be configured to filter Protocol Independent Multicast (PIM) Join messages received from the Designated Cisco switch (DR) for any undesirable multicast groups.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000940 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to limit the amount of source-active messages it accepts on a per-peer basis.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

ACCESS CONTROL

JUSX-DM-000044 - The Juniper SRX Services Gateway must generate log records when privileged commands are executed.DISA Juniper SRX Services Gateway NDM v3r2Juniper

AUDIT AND ACCOUNTABILITY

JUSX-DM-000164 - The Juniper SRX Services Gateway must implement service redundancy to protect against or limit the effects of common types of Denial of Service (DoS) attacks on the device itself.DISA Juniper SRX Services Gateway NDM v3r2Juniper

SYSTEM AND COMMUNICATIONS PROTECTION

O121-BP-021500 - A minimum of two Oracle control files must be defined and configured to be stored on separate, archived disks (physical or virtual) or archived partitions on a RAID device.DISA STIG Oracle 12c v3r2 DatabaseOracleDB

CONFIGURATION MANAGEMENT

TCAT-AS-000550 - xpoweredBy attribute must be disabled.DISA STIG Apache Tomcat Application Server 9 v3r2 MiddlewareUnix

CONFIGURATION MANAGEMENT

TCAT-AS-001660 - STRICT_SERVLET_COMPLIANCE must be set to true.DISA STIG Apache Tomcat Application Server 9 v3r2 MiddlewareUnix

CONFIGURATION MANAGEMENT

WN10-00-000085 - Standard local user accounts must not exist on a system in a domain.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN10-CC-000206 - Windows Update must not obtain updates from other PCs on the internet.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN10-CC-000220 - Turning off File Explorer heap termination on corruption must be disabled.DISA Microsoft Windows 10 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN10-SO-000055 - The maximum age for machine account passwords must be configured to 30 days or less.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN10-SO-000085 - Caching of logon credentials must be limited.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN12-00-000017 - System-related documentation must be backed up in accordance with local recovery time and recovery point objectives.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000020 - An Error Report must not be sent when a generic device driver is installed.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000033 - Event Viewer Events.asp links must be turned off.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000066 - Microsoft Support Diagnostic Tool (MSDT) interactive communication with Microsoft must be prevented.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000071 - The Application Compatibility Program Inventory must be prevented from collecting data and sending the information to Microsoft.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-CC-000109 - Automatic download of updates from the Windows Store must be turned off.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-GE-000014 - Outdated or unused accounts must be removed from the system or disabled.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

IDENTIFICATION AND AUTHENTICATION

WN12-SO-000037 - IPv6 source routing must be configured to the highest protection level.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP).DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-SO-000046 - The system must be configured to have password protection take effect within a limited time frame when the screen saver becomes active.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-SO-000047 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-SO-000048 - The system must limit how many times unacknowledged TCP data is retransmitted.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-SO-000048 - The system must limit how many times unacknowledged TCP data is retransmitted.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-SO-000088 - Optional Subsystems must not be permitted to operate on the system.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-UC-000005 - Notifications from Windows Push Network Service must be turned off.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN12-UC-000006 - Toast notifications to the lock screen must be turned off.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT

WN19-CC-000060 - Windows Server 2019 must be configured to ignore NetBIOS name release requests except from WINS servers.DISA Microsoft Windows Server 2019 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION