| 1.3 APPL-14-000003 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.4.5 Ensure version 7.2 or newer booted with a BIOS have a unique name for the grub superusers account | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.25 APPL-14-000110 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.29 APPL-14-000160 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.35 APPL-14-001010 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | AUDIT AND ACCOUNTABILITY |
| 1.57 APPL-14-002001 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.93 APPL-14-002066 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.121 APPL-14-003012 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.142 APPL-14-005052 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.3.28 Ensure SSH IgnoreUserKnownHosts is enabled | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.3.34 Ensure SSH compressions setting is delayed | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| CASA-FW-000020 - The Cisco ASA must immediately use updates made to policy enforcement mechanisms such as firewall rules, security policies, and security zones. | DISA STIG Cisco ASA FW v2r1 | Cisco | ACCESS CONTROL |
| CASA-FW-000290 - The Cisco ASA must be configured to restrict it from accepting outbound packets that contain an illegitimate address in the source address field via an egress filter or by enabling Unicast Reverse Path Forwarding (uRPF) - URF | DISA STIG Cisco ASA FW v2r1 | Cisco | CONFIGURATION MANAGEMENT |
| CASA-VN-000160 - The Cisco ASA must be configured to use Internet Key Exchange v2 (IKEv2) for all IPsec security associations. | DISA STIG Cisco ASA VPN v2r2 | Cisco | CONFIGURATION MANAGEMENT |
| CASA-VN-000460 - The Cisco ASA remote access VPN server must be configured to display the Standard Mandatory DoD Notice and Consent Banner before granting access to the network. | DISA STIG Cisco ASA VPN v2r2 | Cisco | ACCESS CONTROL |
| CASA-VN-000720 - The Cisco ASA VPN remote access server must be configured to generate log records when successful and/or unsuccessful VPN connection attempts occur. | DISA STIG Cisco ASA VPN v2r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| DTOO104 - Disabling of user name and password syntax from being used in URLs must be enforced. | DISA STIG Microsoft Sharepoint Designer 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO111 - The Internet Explorer Bind to Object functionality must be enabled. | DISA STIG Microsoft Sharepoint Designer 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO117 - The Saved from URL mark must be selected to enforce Internet zone processing | DISA STIG Microsoft Sharepoint Designer 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO123 - Navigation to URLs embedded in Office products must be blocked. | DISA STIG Microsoft Sharepoint Designer 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO124 - Scripted Window Security must be enforced. | DISA STIG Microsoft Sharepoint Designer 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO126 - Word - Add-on Management functionality must be allowed. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO128 - Word - Data Execution Prevention must be enforced. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO131 - PowerPoint - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO132 - File downloads must be configured for proper restrictions. | DISA STIG Microsoft Sharepoint Designer 2013 v1r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO133 - Word - All automatic loading from Trusted Locations must be disabled. | DISA STIG Office 2010 Word v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO142 - PowerPoint - Force encrypted macros to be scanned in open XML documents must be determined and configured. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO236 - Outlook - The Add-In Trust Level must be configured. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO237 - Outlook - The 'remember password' for internet e-mail accounts must be disabled. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO240 - Outlook - The ability to display level 1 attachments must be disallowed. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO242 - Outlook - Prompting behavior for Level 1 attachments on sending must be configured. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO280 - Outlook - Authentication with Exchange Server must be required. | DISA Microsoft Outlook 2010 STIG v1r14 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO346 - Project - Untrusted intranet zone access to Project servers must not be allowed. | DISA STIG Office 2010 Project v1r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-12-030261 - The SUSE operating system SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA SLES 12 STIG v3r4 | Unix | CONFIGURATION MANAGEMENT |
| WN25-00-000230 - Windows Server 2025 nonsystem-created file shares must limit access to groups that require it. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN25-00-000240 - Windows Server 2025 must have software certificate installation files removed. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-00-000270 - Windows Server 2025 must have the roles and features required by the system documented. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-00-000340 - Windows Server 2025 must not have the Peer Name Resolution Protocol installed. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-00-000370 - Windows Server 2025 must not have the TFTP Client installed. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-00-000420 - Windows Server 2025 FTP servers must be configured to prevent anonymous logons. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-AC-000010 - Windows Server 2025 account lockout duration must be configured to 15 minutes or greater. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
| WN25-AU-000130 - Windows Server 2025 must be configured to audit Detailed Tracking - Plug and Play Events successes. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000170 - Windows Server 2025 must be configured to audit Logon/Logoff - Group Membership successes. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000240 - Windows Server 2025 must be configured to audit Object Access - Removable Storage successes. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000582 - Windows Server 2025 must be configured to audit file system successes. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-AU-000585 - Windows Server 2025 must be configured to audit registry failures. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WN25-CC-000160 - Windows Server 2025 printing over HTTP must be turned off. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-CC-000390 - Windows Server 2025 must prevent attachments from being downloaded from RSS feeds. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-CC-000410 - Windows Server 2025 must prevent Indexing of encrypted files. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-CC-000450 - Windows Server 2025 must disable automatically signing in the last interactive user after a system-initiated restart. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
