| JUEX-L2-000170 - If STP is used, the Juniper EX switch must be configured to implement Rapid STP, or Multiple STP, where VLANs span multiple switches with redundant links. | DISA Juniper EX Series Layer 2 Switch v2r4 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-NM-000010 - The Juniper EX switch must be configured to limit the number of concurrent management sessions to 10 or an organization-defined value. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | ACCESS CONTROL |
| JUEX-NM-000080 - The Juniper EX switch must be configured to enforce the limit of three consecutive invalid logon attempts for any given user, after which time it must block any login attempt for that user for 15 minutes. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | ACCESS CONTROL |
| JUEX-NM-000130 - The Juniper EX switch must be configured to produce audit records containing information to establish when (date and time) the events occurred. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000200 - The Juniper EX switch must be configured to protect audit information from unauthorized deletion. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000410 - The Juniper EX switch must be configured to allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000530 - The Juniper EX switch must be configured to protect against known types of denial-of-service (DoS) attacks by employing organization-defined security safeguards. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000030 - The Juniper BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000640 - The Juniper router must be configured to have Internet Control Message Protocol (ICMP) redirects disabled on all external interfaces. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-001000 - The Juniper router must not be configured to use IPv6 Site Local Unicast addresses. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| RHEL-08-010040 - RHEL 8 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a ssh logon. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-010049 - RHEL 8 must display a banner before granting local or remote access to the system via a graphical user logon. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-08-010141 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require a unique superusers name upon booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-10-000550 - RHEL 10 must use a separate file system for "/var". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-000560 - RHEL 10 must use a separate file system for "/var/log". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-200648 - RHEL 10 must use cron logging. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-200692 - RHEL 10 must be configured to prevent unrestricted mail relaying. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-200700 - RHEL 10 must have the "cronie" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-400005 - RHEL 10 must be configured so that the "/etc/group" file is group-owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400015 - RHEL 10 must be configured so that the "/etc/group-" file is group-owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400020 - RHEL 10 must be configured so that the "/etc/gshadow" file is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400030 - RHEL 10 must be configured so that the "/etc/gshadow-" file is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400065 - RHEL 10 must be configured so that the "/etc/shadow" file is group-owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400080 - RHEL 10 must be configured so that the "/var/log" directory is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-400140 - RHEL 10 must be configured so that world-writable directories are owned by root, sys, bin, or an application user. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-400155 - RHEL 10 must be configured so that the Secure Shell (SSH) server configuration file is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400240 - RHEL 10 must enforce mode "0750" or less permissive for local interactive user home directories. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400260 - RHEL 10 must enforce mode "0000" or less permissive for the "/etc/gshadow-" file to prevent unauthorized access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400265 - RHEL 10 must enforce mode "0644" or less permissive for the "/etc/passwd" file to prevent unauthorized access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400275 - RHEL 10 must enforce mode "0000" or less permissive for "/etc/shadow-" file to prevent unauthorized access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400315 - RHEL 10 must define default permissions for the bash shell. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400330 - RHEL 10 must define default permissions for the system default profile. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400340 - RHEL 10 must enforce mode "0600" or less permissive for Secure Shell (SSH) private host key files. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-500015 - RHEL 10 must write audit records to disk. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-500020 - RHEL 10 must log username information when unsuccessful login attempts occur. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-500120 - RHEL 10 must produce audit records containing information to establish the identity of any individual or process associated with the event. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-500620 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "init" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-500630 - RHEL 10 must generate audit records for successful and unsuccessful uses of the "poweroff" command. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-600000 - RHEL 10 must require a boot loader superuser password. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-600020 - RHEL 10 must not assign an interactive login shell for system accounts. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-600190 - RHEL 10 must ensure that all local interactive user home directories defined in the "/etc/passwd" file must exist. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-600400 - RHEL 10 must allow only the root account to have unrestricted access to the system. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-600470 - RHEL 10 must have a unique group ID (GID) for each group in "/etc/group". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600530 - RHEL 10 must require users to reauthenticate for privilege escalation. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-700550 - RHEL 10 must be configured so that the Secure Shell (SSH) daemon disables remote X connections for interactive users. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-700590 - RHEL 10 must be configured so that Secure Shell (SSH) server configuration files' permissions are not modified. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700680 - RHEL 10 must not have a "shosts.equiv" file on the system. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-700830 - RHEL 10 must disable the ability of a user to accidentally press Ctrl-Alt-Del and cause a system to shut down or reboot. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-701110 - RHEL 10 must disable the Stream Control Transmission Protocol (SCTP) kernel module. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-701260 - RHEL 10 must require authentication to access single-user mode. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
