Item Search

NameAudit NamePluginCategory
ALMA-09-012010 - AlmaLinux OS 9 cron configuration directories must have a mode of 0700 or less permissive.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-013110 - AlmaLinux OS 9 /etc/group file must be owned by root.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-013330 - The /boot/grub2/grub.cfg file must be group-owned by root.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-014210 - AlmaLinux OS 9 /etc/gshadow file must have mode 0000 or less permissive to prevent unauthorized access.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-014760 - All AlmaLinux OS 9 local interactive user home directories must be group-owned by the home directory owner's primary group.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-015090 - All AlmaLinux OS 9 local interactive users must have a home directory assigned in the /etc/passwd file.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-015200 - Executable search paths within the initialization files of all local interactive AlmaLinux OS 9 users must only contain paths that resolve to the system default or the users home directory.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-015860 - AlmaLinux OS 9 must not have accounts configured with blank or null passwords.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-015970 - AlmaLinux OS 9 /etc/passwd- file must be group-owned by root.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-016630 - AlmaLinux OS 9 /etc/shadow- file must be group-owned by root.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-017950 - AlmaLinux OS 9 must not have unauthorized accounts.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-018610 - AlmaLinux OS 9 must ignore Internet Control Message Protocol (ICMP) redirect messages.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-019050 - AlmaLinux OS 9 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-021800 - AlmaLinux OS 9 must enable hardening for the Berkeley Packet Filter (BPF) just-in-time (JIT) compiler.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-022020 - AlmaLinux OS 9 must be configured so that all system device files are correctly labeled to prevent unauthorized modification.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-022350 - The kdump service on AlmaLinux OS 9 must be disabled.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-022790 - AlmaLinux OS 9 must prevent code from being executed on file systems that are used with removable media.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-023450 - AlmaLinux OS 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS).DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-024220 - AlmaLinux OS 9 must display the date and time of the last successful account logon upon logon.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-024330 - AlmaLinux OS 9 security patches and updates must be installed and up to date.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-024550 - AlmaLinux OS 9 must enable the hardware random number generator entropy gatherer service.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-024770 - The SSH daemon must perform strict mode checking of home directory configuration files.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-025100 - AlmaLinux OS 9 must use a separate file system for /tmp.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ALMA-09-025540 - AlmaLinux OS 9 must use a separate file system for /var/tmp.DISA CloudLinux AlmaLinux OS 9 STIG v1r2Unix

CONFIGURATION MANAGEMENT

ESXI-80-000204 - The ESXi host Secure Shell (SSH) daemon must not permit user environment settings.DISA VMware vSphere 8.0 ESXi STIG v2r3Unix

CONFIGURATION MANAGEMENT

ESXI-80-000207 - The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports.DISA VMware vSphere 8.0 ESXi STIG v2r3Unix

CONFIGURATION MANAGEMENT

ESXI-80-000211 - The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions.DISA VMware vSphere 8.0 ESXi STIG v2r3Unix

CONFIGURATION MANAGEMENT

ESXI-80-000229 - The ESXi host must use DOD-approved certificates.DISA VMware vSphere 8.0 ESXi STIG v2r3Unix

CONFIGURATION MANAGEMENT

GOOG-13-006100 - Google Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters - CharactersAirWatch - DISA Google Android 13 COBO v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-006100 - Google Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters - Complex CharactersMobileIron - DISA Google Android 13 COBO v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-006100 - Google Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters - Complex CharactersMobileIron - DISA Google Android 13 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-006500 - Google Android 13 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store].MobileIron - DISA Google Android 13 COBO v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-006500 - Google Android 13 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store].AirWatch - DISA Google Android 13 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-006500 - Google Android 13 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store].MobileIron - DISA Google Android 13 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-006700 - Google Android 13 allowlist must be configured to not include applications with the following characteristics:MobileIron - DISA Google Android 13 COBO v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-006700 - Google Android 13 allowlist must be configured to not include applications with the following characteristics:MobileIron - DISA Google Android 13 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-009800 - Google Android 13 users must complete required training.AirWatch - DISA Google Android 13 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-010000 - Google Android 13 must have the DOD root and intermediate PKI certificates installed.AirWatch - DISA Google Android 13 COBO v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-010000 - Google Android 13 must have the DOD root and intermediate PKI certificates installed.MobileIron - DISA Google Android 13 COBO v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-010200 - The Google Android 13 work profile must be configured to enforce the system application disable list.AirWatch - DISA Google Android 13 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-010200 - The Google Android 13 work profile must be configured to enforce the system application disable list.MobileIron - DISA Google Android 13 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-13-010300 - Google Android 13 must be provisioned as a fully managed device and configured to create a work profile.MobileIron - DISA Google Android 13 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-14-006500 - Google Android 14 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store].AirWatch - DISA Google Android 14 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-14-010200 - The Google Android 14 work profile must be configured to enforce the system application disable list.MobileIron - DISA Google Android 14 COBO v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-14-011000 - Android 14 devices must be configured to enable Common Criteria Mode (CC Mode) - CC Mode.MobileIron - DISA Google Android 14 COPE v2r2MDM

CONFIGURATION MANAGEMENT

GOOG-15-010400 - The Google Android 15 work profile must be configured to disable automatic completion of workspace internet browser text input.MobileIron - DISA Google Android 15 COPE v1r2MDM

CONFIGURATION MANAGEMENT

GOOG-15-010500 - The Google Android 15 work profile must be configured to disable the autofill services.MobileIron - DISA Google Android 15 COBO v1r2MDM

CONFIGURATION MANAGEMENT

JUNI-RT-000235 - The Juniper router must not be configured to use IPv6 Site Local Unicast addresses.DISA STIG Juniper Router RTR v3r2Juniper

CONFIGURATION MANAGEMENT

WN10-CC-000070 - Virtualization Based Security must be enabled on Windows 10 with the platform security level configured to Secure Boot or Secure Boot with DMA Protection.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT

WN10-CC-000080 - Virtualization-based protection of code integrity must be enabled.DISA Microsoft Windows 10 STIG v3r4Windows

CONFIGURATION MANAGEMENT