| APPL-15-000005 - The macOS system must configure user session lock when a smart token is removed. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| APPL-15-000009 - The macOS system must prevent AdminHostInfo from being available at LoginWindow. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| APPL-15-000022 - The macOS system must limit consecutive failed login attempts to three. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| APPL-15-000031 - The macOS system must configure the audit log folder to not contain access control lists (ACLs). | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-000110 - The macOS system must configure the SSH ServerAliveInterval to 900. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-001020 - The macOS system must be configured to audit all deletions of object attributes. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| APPL-15-001030 - The macOS system must configure audit capacity warning. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001060 - The macOS system must set smart card certificate trust to moderate. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-001110 - The macOS system must configure audit_control group to wheel. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-001130 - The macOS system must configure audit_control owner to mode 440 or less permissive. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-002001 - The macOS system must disable Server Message Block (SMB) sharing. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| APPL-15-002007 - The macOS system must disable Internet Sharing. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002009 - The macOS system must disable AirDrop. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-15-002020 - The macOS system must disable Siri. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002037 - The macOS system must disable iCloud storage setup during Setup Assistant. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002050 - The macOS system must disable Screen Sharing and Apple Remote Desktop. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| APPL-15-002068 - The macOS system must secure users' home folders. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002069 - The macOS system must require an administrator password to modify systemwide preferences. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL |
| APPL-15-002080 - The macOS system must disable Airplay Receiver. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-15-002130 - The macOS system must disable CD/DVD Sharing. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002210 - The macOS system must disable sending Siri and Dictation information to Apple. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002230 - The macOS system must disable Dictation. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-003011 - The macOS system must require that passwords contain a minimum of one special character. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-003013 - The macOS system must enable firmware password. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-003014 - The macOS system must remove password hints from user accounts. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-003051 - The macOS system must enforce multifactor authentication for the su command. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-005020 - The macOS system must enforce FileVault. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-005050 - The macOS system must enable macOS Application Firewall. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005056 - The macOS system must disable Unlock with Apple Watch during Setup Assistant. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005090 - The macOS system must authorize USB devices before allowing connection. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-005140 - The macOS system must disable Genmoji. | DISA Apple macOS 15 (Sequoia) STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000003 - The ESXi host must verify the exception users list for lockdown mode. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000004 - Remote logging for ESXi hosts must be configured. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| ESXI-70-000006 - The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | ACCESS CONTROL |
| ESXI-70-000034 - The ESXi host must disable the Managed Object Browser (MOB). | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000035 - The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH). | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| VCTR-67-000007 - The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information-flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC). | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000010 - The vCenter Server must limit the use of the built-in SSO administrative account. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCTR-67-000012 - The vCenter Server must disable the distributed virtual switch health check. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000013 - The vCenter Server must set the distributed port group Forged Transmits policy to reject. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000016 - The vCenter Server must only send NetFlow traffic to authorized collectors. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000026 - The vCenter Server must check the privilege reassignment after restarts. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000029 - The vCenter Server must enable all tasks to be shown to Administrators in the Web Client. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000035 - vCenter Server plugins must be verified. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000040 - The vCenter Server passwords must contain at least one uppercase character. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCTR-67-000043 - The vCenter Server passwords must contain at least one special character. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCTR-67-000062 - The vCenter Server must enable the login banner for vSphere Client. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000065 - The vCenter Server must have Mutual CHAP configured for vSAN iSCSI targets. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000074 - The vCenter Server Administrators must clean up log files after failed installations. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000077 - The vCenter Server must enable TLS 1.2 exclusively. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
