| 1.3.1.8 Ensure the operating system has the policycoreutils package installed | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6 Ensure 'SCL Quarantine' is 'Enabled' | CIS Microsoft Exchange Server 2019 L1 Edge v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 1.6 UBTU-24-100100 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.28 OL08-00-010170 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.56 OL08-00-010359 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.76 OL08-00-010421 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.111 UBTU-22-651010 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.298 RHEL-09-431010 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I | Unix | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 1.367 OL08-00-040342 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 2.2.35 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.17.4 Ensure 'User Account Control: Detect application installations and prompt for elevation' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.5.12 klogin | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.8 Ensure that 'Inline Cloud Analysis' on Wildfire profiles is enabled | CIS Palo Alto Firewall 10 v1.3.0 L1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.2 Ensure 'Default Action and Mitigation Settings' is set to 'Enabled' (plus subsettings) - BannedFunctions | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.2 Ensure 'Default Action and Mitigation Settings' is set to 'Enabled' (plus subsettings) - ExploitAction | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| DTAM004 - McAfee VirusScan On-Access General Policies must be configured to notify local users when detections occur. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAM004 - McAfee VirusScan On-Access Scanner General Settings must be configured to notify local users when detections occur. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAM137 - McAfee VirusScan On-Access Scanner General Settings Artemis Heuristic network check for suspicious files must be enabled and set to sensitivity level Medium or higher - ArtemisLevel | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DTAM157 - McAfee VirusScan On-Delivery Email Scanner Artemis sensitivity level must be configured to Medium or higher. - enabled | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | CONFIGURATION MANAGEMENT |
| EX16-ED-002400 - The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX16-ED-002410 - The application must update malicious code protection mechanisms whenever new releases are available in accordance with organizational configuration management policy and procedures. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-LT-000219 - The BIG-IP Core implementation must be configured to protect against known types of Denial of Service (DoS) attacks by employing signatures when providing content filtering to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r4 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN006560 - The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| GEN006560 - The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach. | DISA STIG Solaris 10 SPARC v2r4 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| GEN006560 - The system vulnerability assessment tool, host-based intrusion detection tool, and file integrity tool must notify the SA and the IAO of a security breach or a suspected security breach. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| List bonded NIC groups | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| List crash dumps | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| List halted VMs | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| List networks | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| MYS8-00-001700 - The MySQL Database Server 8.0 must allow only the Information System Security Manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| OL09-00-000200 - OL 9 must have policycoreutils package installed. | DISA Oracle Linux 9 STIG v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-AG-000020 - The Palo Alto Networks security platform, if used as a TLS gateway/decryption point or VPN concentrator, must use NIST FIPS-validated cryptography to protect the integrity of remote access sessions. | DISA Palo Alto Networks ALG STIG v3r4 | Palo_Alto | ACCESS CONTROL |
| PANW-IP-000033 - To protect against unauthorized data mining, the Palo Alto Networks security platform must detect and prevent code injection attacks launched against application objects including, at a minimum, application URLs and application code. | DISA Palo Alto Networks IDPS STIG v3r2 | Palo_Alto | ACCESS CONTROL |
| PANW-IP-000045 - Palo Alto Networks security platform components, including sensors, event databases, and management consoles must integrate with a network-wide monitoring capability. | DISA Palo Alto Networks IDPS STIG v3r2 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-IP-000058 - The Palo Alto Networks security platform must off-load log records to a centralized log server in real-time. | DISA Palo Alto Networks IDPS STIG v3r2 | Palo_Alto | AUDIT AND ACCOUNTABILITY |
| Review accounts used to mount remote storage | TNS Citrix Hypervisor | Unix | CONFIGURATION MANAGEMENT |
| SLEM-05-431010 - SLEM 5 must have policycoreutils package installed. | DISA SUSE Linux Enterprise Micro SLEM 5 STIG v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-12-010499 - The SUSE operating system must use a file integrity tool to verify correct operation of all security functions. | DISA SLES 12 STIG v3r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SPLK-CL-000050 - Splunk Enterprise must use TLS 1.2 and SHA-2 or higher cryptographic algorithms. | DISA STIG Splunk Enterprise 7.x for Windows v3r2 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000220 - Symantec ProxySG must be configured to send the access logs to the centralized log server continuously. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| The hosts.deny file blocks access by default | TNS Citrix Hypervisor | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-010510 - The file integrity tool must perform verification of the correct operation of security functions: upon system start-up and/or restart; upon command by a user with privileged access; and/or every 30 days. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WDNS-SI-000006 - The Windows 2012 DNS Server must perform verification of the correct operation of security functions: upon system start-up and/or restart; upon command by a user with privileged access; and/or every 30 days. | DISA Microsoft Windows 2012 Server Domain Name System STIG v2r7 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| WDNS-SI-000007 - The Windows 2012 DNS Server must log the event and notify the system administrator when anomalies in the operation of the signed zone transfers are discovered. | DISA Microsoft Windows 2012 Server Domain Name System STIG v2r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| XenServer - List halted VMs | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - List patches | TNS Citrix XenServer | Unix | SYSTEM AND INFORMATION INTEGRITY |
| XenServer - List security roles | TNS Citrix XenServer | Unix | ACCESS CONTROL |
| XenServer - List VLANs | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
| XenServer - The hosts.deny file blocks access by default | TNS Citrix XenServer | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| XenServer - XAPI SSL certificate is in default location | TNS Citrix XenServer | Unix | CONFIGURATION MANAGEMENT |
