| AS24-U1-000950 - The Apache web server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| AS24-U2-000960 - The Apache web server must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | DISA STIG Apache Server 2.4 Unix Site v2r6 Middleware | Unix | CONFIGURATION MANAGEMENT |
| CISC-L2-000090 - The Cisco switch must have Root Guard enabled on all switch ports connecting to access layer switches and hosts. | DISA Cisco NX OS Switch L2S STIG v3r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000060 - The Cisco router must be configured to have all inactive interfaces disabled. | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| CISC-RT-000300 - The Cisco perimeter router must be configured to not redistribute static routes to an approved gateway service provider into BGP, an IGP peering with the NIPRNet, or other autonomous systems. | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| CISC-RT-000570 - The Cisco BGP switch must be configured to limit the prefix size on any inbound route advertisement to /24, or the least significant prefixes issued to the customer. | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000810 - The Cisco multicast edge router must be configured to establish boundaries for administratively scoped multicast traffic. | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| CISC-RT-000810 - The Cisco multicast edge switch must be configured to establish boundaries for administratively scoped multicast traffic. | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| CISC-RT-000920 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA Cisco IOS Router RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| CISC-RT-000930 - The Cisco Multicast Source Discovery Protocol (MSDP) switch must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups. | DISA Cisco NX OS Switch RTR STIG v3r3 | Cisco | ACCESS CONTROL |
| DTBI1135-IE11 - Internet Explorer Development Tools Must Be Disabled. | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTOO120 - Open/Save actions for web pages and Excel 2003 XML spreadsheets must be blocked. | DISA STIG Microsoft Excel 2013 v1r8 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000070 - Exchange Circular Logging must be disabled. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | AUDIT AND ACCOUNTABILITY |
| GEN002750 - The audit system must be configured to audit account creation - 'passwd' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN002752 - The audit system must be configured to audit account disabling. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'groupdel' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN008820 - The system package management tool must not automatically obtain updates. | DISA STIG for Oracle Linux 5 v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000099 - OHS must not have the ForceLanguagePriority directive enabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000112 - OHS must have the LoadModule dir_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000113 - OHS must have the DirectoryIndex directive disabled - DirectoryIndex | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000113 - OHS must have the DirectoryIndex directive disabled - IfModule dir_module | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000141 - OHS must have the LoadModule usertrack_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000205 - OHS must have the RewriteLogLevel directive set to the proper log level. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000218 - OHS content and configuration files must be part of a routine backup program. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 415 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 501 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL07-00-020300 - The Oracle Linux operating system must be configured so that all Group Identifiers (GIDs) referenced in the /etc/passwd file are defined in the /etc/group file - GIDs referenced in the /etc/passwd file are defined in the /etc/group file. | DISA Oracle Linux 7 STIG v3r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-021320 - The Oracle Linux operating system must use a separate file system for /var. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-021330 - The Oracle Linux operating system must use a separate file system for the system audit data path large enough to hold at least one week of audit data. | DISA Oracle Linux 7 STIG v3r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-021340 - The Oracle Linux operating system must use a separate file system for /tmp (or equivalent) - or equivalent. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-021610 - The Oracle Linux operating system must be configured so that the file integrity tool is configured to verify extended attributes. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-020110 - OL 8 must enforce password complexity by requiring that at least one uppercase character be used. | DISA Oracle Linux 8 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| TCAT-AS-000510 - DefaultServlet debug parameter must be disabled. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| TCAT-AS-000560 - Example applications must be removed. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| TCAT-AS-001710 - Hosted applications must be documented in the system security plan. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010031 - The Ubuntu operating system must enforce a delay of at least 4 seconds between logon prompts following a failed logon attempt. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | CONFIGURATION MANAGEMENT |
| WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events - HTTP Access Log | Oracle WebLogic Server 12c Linux v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000073 - Oracle WebLogic must produce process events and severity levels to establish what type of HTTPD-related events and severity levels occurred. | Oracle WebLogic Server 12c Linux v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000076 - Oracle WebLogic must produce audit records containing sufficient information to establish when (date and time) the events occurred. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000076 - Oracle WebLogic must produce audit records containing sufficient information to establish when (date and time) the events occurred. | Oracle WebLogic Server 12c Windows v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000078 - Oracle WebLogic must produce audit records containing sufficient information to establish the sources of the events. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000083 - Oracle WebLogic must provide a real-time alert when organization-defined audit failure events occur - Module-HealthState | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000083 - Oracle WebLogic must provide a real-time alert when organization-defined audit failure events occur - SMTP Notification | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000084 - Oracle WebLogic must alert designated individual organizational officials in the event of an audit processing failure - SMTP Notification | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - Module-HealthState | Oracle WebLogic Server 12c Linux v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-03-000129 - Oracle WebLogic must utilize automated mechanisms to prevent program execution on the information system. | Oracle WebLogic Server 12c Windows v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WBLC-09-000252 - Oracle WebLogic must identify potentially security-relevant error conditions. | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBLC-09-000252 - Oracle WebLogic must identify potentially security-relevant error conditions. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WN16-CC-000040 - Internet Protocol version 6 (IPv6) source routing must be configured to the highest protection level to prevent IP source routing. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
| WN16-SO-000450 - The default permissions of global system objects must be strengthened. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
