| 2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater | AirWatch - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater | AirWatch - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.4.2 Ensure 'Minimum passcode length' is set to '6' or greater | MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.4.5 Ensure 'Maximum number of failed attempts' is set to '6' | MobileIron - CIS Apple iOS 10 v2.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.4.5 Ensure 'Maximum number of failed attempts' is set to '6' | MobileIron - CIS Apple iOS 13 and iPadOS 13 v1.0.0 End User Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 2.4.6 Ensure 'Maximum number of failed attempts' is set to '6' | AirWatch - CIS Apple iOS 18 Benchmark v2.0.0 L1 End User Owned | MDM | ACCESS CONTROL |
| 2.4.6 Ensure 'Maximum number of failed attempts' is set to '6' | MobileIron - CIS Apple iOS 18 v2.0.0 L1 End User Owned | MDM | ACCESS CONTROL |
| 2.4.6 Ensure 'Maximum number of failed attempts' is set to '6' | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 2.4.6 Ensure 'Maximum number of failed attempts' is set to '6' | MobileIron - CIS Apple iPadOS 26 v1.0.0 L1 End User Owned | MDM | ACCESS CONTROL |
| 3.4.2 Ensure 'Minimum passcode length' is set to '6' or greater | MobileIron - CIS Apple iOS 10 v2.0.0 Institution Owned L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.4.2 Ensure 'Minimum passcode length' is set to '6' or greater | AirWatch - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.4.2 Ensure 'Minimum passcode length' is set to '6' or greater | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.4.2 Ensure 'Minimum passcode length' is set to '6' or greater | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.4.5 Ensure 'Maximum number of failed attempts' is set to '6' | MobileIron - CIS Apple iOS 11 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.4.5 Ensure 'Maximum number of failed attempts' is set to '6' | MobileIron - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.4.5 Ensure 'Maximum number of failed attempts' is set to '6' | MobileIron - CIS Apple iOS 12 v1.0.0 Institution Owned L1 | MDM | ACCESS CONTROL |
| 3.4.5 Ensure 'Maximum number of failed attempts' is set to '6' | AirWatch - CIS Apple iOS 13 and iPadOS 13 Institution Owned L1 | MDM | CONFIGURATION MANAGEMENT |
| 3.4.6 Ensure 'Maximum number of failed attempts' is set to '6' | AirWatch - CIS Apple iOS 18 v2.0.0 L1 Institution Owned | MDM | ACCESS CONTROL |
| 3.4.6 Ensure 'Maximum number of failed attempts' is set to '6' | MobileIron - CIS Apple iOS 26 v1.0.0 L1 Institution Owned | MDM | ACCESS CONTROL |
| 3.4.6 Ensure 'Maximum number of failed attempts' is set to '6' | AirWatch - CIS Apple iPadOS 18 v2.0.0 L1 Institutionally Owned | MDM | ACCESS CONTROL |
| 3.4.6 Ensure 'Maximum number of failed attempts' is set to '6' | AirWatch - CIS Apple iPadOS 17 Institutionally Owned L1 | MDM | ACCESS CONTROL |
| 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in default | CIS Apache Tomcat 9 L1 v1.2.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if java.util.logging.ConsoleHandler logging is enabled in web application | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler exists in default | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 7.2 Specify file handler in logging.properties files - check if org.apache.juli.FileHandler logging is enabled in default | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000017 - The system must use a Linux Security Module at boot time. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000023 - The system must use a Linux Security Module configured to limit the privileges of system services. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000236 - The SSH daemon must not allow host-based authentication. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000274 - The system must prohibit the reuse of passwords within five iterations - password-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000285 - The Oracle Linux operating system must implement the Endpoint Security for Linux Threat Prevention tool - mcafeetp package | DISA STIG Oracle Linux 6 v2r7 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL6-00-000286 - The x86 Ctrl-Alt-Delete key sequence must be disabled - /sbin/shutdown | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000290 - X Windows must not be enabled unless required. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000292 - The DHCP client must be disabled if not needed. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000297 - Temporary accounts must be provisioned with an expiration date. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000298 - Emergency accounts must be provisioned with an expiration date. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000299 - The system must require passwords to contain no more than three consecutive repeating characters - system-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000304 - The operating system must employ automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization defined frequency. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000307 - The operating system must ensure unauthorized, security-relevant configuration changes detected are tracked. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000311 - The audit system must provide a warning when allocated audit record storage volume reaches a documented percentage of maximum audit record storage capacity. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000339 - The FTP daemon must be configured for logging or verbose mode - 'log_ftp_protocol' | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000341 - The snmpd service must not use a default password. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000342 - The system default umask for the bash shell must be 077. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000343 - The system default umask for the csh shell must be 077. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000348 - The FTPS/FTP service on the system must be configured with the Department of Defense (DoD) login banner. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000356 - The system must require administrator action to unlock an account locked by excessive failed login attempts - system-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000372 - The operating system, upon successful logon/access, must display to the user the number of unsuccessful logon/access attempts since the last successful logon/access. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000507 - The operating system, upon successful logon, must display to the user the date and time of the last logon or access via ssh. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000515 - The NFS server must not have the all_squash option enabled. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000523 - The systems local IPv6 firewall must implement a deny-all, allow-by-exception policy for inbound packets. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000529 - The sudo command must require authentication - !authenticate | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
