| 9.3 Ensure 'safkeyringhw:' is set to use a hardware crypto card | CIS IBM WebSphere Liberty v1.0.0 L2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.28.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 10 Stand-alone v3.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.2 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL NG | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 BL | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 18.10.29.3 (L1) Ensure 'Turn off Data Execution Prevention for Explorer' is set to 'Disabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - BGP | DISA STIG Arista MLS DCS-7000 Series RTR v1r4 | Arista | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - OSPF message-digest | DISA STIG Arista MLS DCS-7000 Series RTR v1r4 | Arista | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| DG0141-ORACLE11 - Attempts to bypass access controls should be audited. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | AUDIT AND ACCOUNTABILITY |
| Java permissions - Local Machine Zone | MSCT Windows Server v20H2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Local Machine Zone | MSCT Windows 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Local Machine Zone | MSCT Windows Server 1903 DC v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Local Machine Zone | MSCT Windows Server v1909 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Local Machine Zone | MSCT Windows Server v2004 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Local Machine Zone | MSCT Windows 10 v1507 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Local Machine Zone | MSCT Windows 11 v24H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Local Machine Zone | MSCT Windows Server 2025 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Locked-Down Intranet Zone | MSCT Windows 10 1803 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Locked-Down Intranet Zone | MSCT Windows 10 v21H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Locked-Down Intranet Zone | MSCT Windows Server 2016 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Locked-Down Intranet Zone | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Locked-Down Intranet Zone | MSCT Windows 10 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Locked-Down Intranet Zone | MSCT Windows Server 1903 MS v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Locked-Down Intranet Zone | MSCT Windows Server v20H2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Locked-Down Intranet Zone | MSCT Windows 10 1909 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Restricted Sites Zone | MSCT Windows Server v1909 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Restricted Sites Zone | MSCT Windows 10 v1507 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Restricted Sites Zone | MSCT Windows 10 v2004 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Restricted Sites Zone | MSCT Windows Server 2025 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Trusted Sites Zone | MSCT MSCT Windows Server 2022 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Trusted Sites Zone | MSCT Windows Server v20H2 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Trusted Sites Zone | MSCT Windows 10 v21H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Trusted Sites Zone | MSCT Windows Server v1909 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Trusted Sites Zone | MSCT Windows 10 v20H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Java permissions - Trusted Sites Zone | MSCT Windows 11 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| KNOX-07-000600 - The Samsung Android 7 with Knox must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | ACCESS CONTROL |
| KNOX-07-002600 - The Samsung must be configured to not display the following notifications when the device is locked: All notifications. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-005700 - The Samsung must be configured to disable automatic transfer of diagnostic data. Disable Google Crash Report. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-012800 - The Samsung Android 7 with Knox must be configured to implement the management setting: Enable Container. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-013000 - The Samsung Android 7 with Knox must implement the management setting: Enable Certificate Revocation Status (CRL) Check. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| WBLC-08-000236 - Oracle WebLogic must protect against or limit the effects of HTTP types of Denial of Service (DoS) attacks. | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000236 - Oracle WebLogic must protect against or limit the effects of HTTP types of Denial of Service (DoS) attacks. | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000236 - Oracle WebLogic must protect against or limit the effects of HTTP types of Denial of Service (DoS) attacks. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
