Item Search

NameAudit NamePluginCategory
AIOS-02-080104 - Apple iOS must implement the management setting: require password when connecting to AirPlay device for the first time.MobileIron - DISA Apple iOS 10 v1r3MDM

ACCESS CONTROL, CONFIGURATION MANAGEMENT

AIOS-12-000200 - Apple iOS must be configured to not allow passwords that include more than two repeating or sequential characters.MobileIron - DISA Apple iOS 12 v2r1MDM

CONFIGURATION MANAGEMENT

AIOS-12-011100 - Apple iOS must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time.MobileIron - DISA Apple iOS 12 v2r1MDM

ACCESS CONTROL

AIOS-13-000400 - Apple iOS/iPadOS must be configured to not allow more than 10 consecutive failed authentication attempts.AirWatch - DISA Apple iOS/iPadOS 13 v2r1MDM

ACCESS CONTROL

AIOS-16-712400 - Apple iOS/iPadOS 16 must not allow unmanaged apps to read contacts from managed contacts accounts.MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1MDM

CONFIGURATION MANAGEMENT

BIND-9X-001621 - On a BIND 9.x server all root name servers listed in the local root zone file hosted on a BIND 9.x authoritative name server must be empty or removed.DISA BIND 9.x STIG v2r3Unix

CONFIGURATION MANAGEMENT

CISC-L2-000090 - The Cisco switch must have Root Guard enabled on all switch ports connecting to access layer switches.DISA STIG Cisco IOS Switch L2S v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-L2-000170 - The Cisco switch must have IGMP or MLD Snooping configured on all VLANs.DISA STIG Cisco IOS Switch L2S v3r1Cisco

CONFIGURATION MANAGEMENT

CISC-RT-000060 - The Cisco switch must be configured to have all inactive Layer 3 interfaces disabled.DISA STIG Cisco IOS Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000060 - The Cisco switch must be configured to have all inactive layer 3 interfaces disabled.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

ACCESS CONTROL

CISC-RT-000160 - The Cisco switch must be configured to have IP directed broadcast disabled on all interfaces.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000590 - The Cisco MPLS switch must be configured to use its loopback address as the source address for LDP peering sessions.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

CONFIGURATION MANAGEMENT

CISC-RT-000600 - The Cisco MPLS switch must be configured to synchronize Interior Gateway Protocol (IGP) and LDP to minimize packet loss when an IGP adjacency is established prior to LDP peers completing label exchange.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

CONFIGURATION MANAGEMENT

CISC-RT-000710 - The Cisco PE switch must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain.DISA STIG Cisco IOS XE Switch RTR v3r1Cisco

SYSTEM AND COMMUNICATIONS PROTECTION

CISC-RT-000810 - The Cisco multicast edge router must be configured to establish boundaries for administratively scoped multicast traffic.DISA STIG Cisco IOS-XR Router RTR v3r2Cisco

ACCESS CONTROL

CISC-RT-000930 - The Cisco Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups.DISA STIG Cisco IOS XE Router RTR v3r2Cisco

ACCESS CONTROL

JUSX-DM-000030 - For local accounts created on the device, the Juniper SRX Services Gateway must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period.DISA Juniper SRX Services Gateway NDM v3r2Juniper

ACCESS CONTROL

JUSX-DM-000032 - The Juniper SRX Services Gateway must display the Standard Mandatory DoD Notice and Consent Banner before granting access.DISA Juniper SRX Services Gateway NDM v3r2Juniper

ACCESS CONTROL

JUSX-DM-000042 - The Juniper SRX Services Gateway must generate log records when administrator privileges are deleted.DISA Juniper SRX Services Gateway NDM v3r2Juniper

AUDIT AND ACCOUNTABILITY

RHEL-06-000194 - The audit system must be configured to audit all discretionary access control permission modifications using lsetxattr - auid>=500 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000195 - The audit system must be configured to audit all discretionary access control permission modifications using removexattr - auid>=500 32 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000195 - The audit system must be configured to audit all discretionary access control permission modifications using removexattr - auid>=500 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000196 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr - auid=0 32 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000196 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr - auid=0 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - renameat 32 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlink 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlinkat 64 bitDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000246 - The avahi service must be disabled - CHKCONFIG.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000246 - The avahi service must be disabled - PROCESS_CHECK.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000262 - The atd service must be disabled - CHKCONFIG.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000265 - The ntpdate service must not be running - 'PROCESS_CHECK'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000268 - The rdisc service must not be running - 'CHKCONFIG'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000271 - The noexec option must be added to removable media partitions.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000275 - The operating system must employ cryptographic mechanisms to protect information in storage.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000296 - All accounts on the system must have unique user or account namesDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000321 - The system must provide VPN connectivity for communications over untrusted networks.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000339 - The FTP daemon must be configured for logging or verbose mode - 'xferlog_enable = yes'.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000343 - The system default umask for the csh shell must be 077.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000346 - The system default umask for daemons must be 027 or 022.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000515 - The NFS server must not have the all_squash option enabled.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-06-000517 - The system package management tool must verify group-ownership on all files and directories associated with packages.DISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-06-000525 - Auditing must be enabled at boot by setting a kernel parameter - BIOSDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

RHEL-06-000526 - Automated file system mounting tools must not be enabled unless needed - PROCESSDISA Red Hat Enterprise Linux 6 STIG v2r2Unix

CONFIGURATION MANAGEMENT

RHEL-07-020300 - The Red Hat Enterprise Linux operating system must be configured so that all Group Identifiers (GIDs) referenced in the /etc/passwd file are defined in the /etc/group file.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-07-021310 - The Red Hat Enterprise Linux operating system must be configured so that a separate file system is used for user home directories (such as /home or an equivalent).DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

RHEL-07-021320 - The Red Hat Enterprise Linux operating system must use a separate file system for /var.DISA Red Hat Enterprise Linux 7 STIG v3r15Unix

CONFIGURATION MANAGEMENT

WN10-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers.DISA Microsoft Windows 10 STIG v3r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN10-CC-000170 - The setting to allow Microsoft accounts to be optional for modern style apps must be enabled.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN10-CC-000175 - The Application Compatibility Program Inventory must be prevented from collecting data and sending the information to Microsoft.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN12-SO-000073 - The shutdown option must not be available from the logon dialog box.DISA Windows Server 2012 and 2012 R2 MS STIG v3r7Windows

CONFIGURATION MANAGEMENT