| 4.8 Ensure 'Allow Azure services on the trusted services list to access this storage account' is Enabled for Storage Account Access | CIS Microsoft Azure Foundations v3.0.0 L2 | microsoft_azure | ACCESS CONTROL, MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-14-009400 - Apple iOS/iPadOS must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-16-011000 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-16-011000 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ALMA-09-018720 - The firewalld service on AlmaLinux OS 9 must be active. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ALMA-09-031700 - AlmaLinux OS 9 must have the firewalld package installed. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AOSX-13-000030 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AOSX-14-001002 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| AOSX-15-001002 - The macOS system must monitor remote access methods and generate audit records when successful/unsuccessful attempts to access/modify privileges occur. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| APPL-15-001002 - The macOS system must be configured to audit all login and logout events. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ESXI-06-200035 - The VMM must provide the capability to immediately disconnect or disable remote access to the information system by disabling SSH. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | ACCESS CONTROL |
| ESXI-67-000035 - The ESXi host must be configured to disable nonessential capabilities by disabling SSH. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ESXI-70-000035 - The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH). | DISA STIG VMware vSphere 7.0 ESXi v1r3 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ESXI-80-000193 - The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH). | DISA VMware vSphere 8.0 ESXi STIG v2r2 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN008520 - The system must employ a local firewall. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN008540 - The systems local firewall must implement a deny-all, allow-by-exception policy. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OH12-1X-000021 - OHS must have a log directory location defined to generate information for use by external applications or entities to monitor and control remote access. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| OL07-00-040100 - The Oracle Linux operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management Component Local Service Assessment (PPSM CLSA) and vulnerability assessments - PPSM CLSA and vulnerability assessments. | DISA Oracle Linux 7 STIG v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-07-040100 - The Red Hat Enterprise Linux operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management Component Local Service Assessment (PPSM CLSA) and vulnerability assessments. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-251010 - RHEL 9 must have the firewalld package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| UBTU-18-010507 - The Ubuntu operating system must enable and run the uncomplicated firewall(ufw). | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| WBLC-01-000011 - Oracle WebLogic must employ automated mechanisms to facilitate the monitoring and control of remote access methods. | Oracle WebLogic Server 12c Linux v2r2 | Unix | ACCESS CONTROL |
| WBSP-AS-000090 - The WebSphere Application Server users WebSphere auditor role must be configured in accordance with System Security Plan. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000090 - The WebSphere Application Server users WebSphere auditor role must be configured in accordance with System Security Plan. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000090 - The WebSphere Application Server users WebSphere auditor role must be configured in accordance with System Security Plan. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000065 - The system must be configured to audit Logon/Logoff - Logoff successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000070 - The system must be configured to audit Logon/Logoff - Logon failures. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-AU-000075 - The system must be configured to audit Logon/Logoff - Logon successes. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN10-UR-000090 - The Deny log on through Remote Desktop Services user right on Windows 10 workstations must at a minimum be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems. | DISA Microsoft Windows 10 STIG v3r4 | Windows | ACCESS CONTROL |
| WN12-AU-000045 - The system must be configured to audit Logon/Logoff - Logoff successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000045 - The system must be configured to audit Logon/Logoff - Logoff successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000047 - The system must be configured to audit Logon/Logoff - Logon successes. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000047 - The system must be configured to audit Logon/Logoff - Logon successes. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000048 - The system must be configured to audit Logon/Logoff - Logon failures. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN12-AU-000048 - The system must be configured to audit Logon/Logoff - Logon failures. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000250 - Windows Server 2016 must be configured to audit Logon/Logoff - Logoff successes. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000260 - Windows Server 2016 must be configured to audit Logon/Logoff - Logon successes. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN16-AU-000270 - Windows Server 2016 must be configured to audit Logon/Logoff - Logon failures. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000190 - Windows Server 2019 must be configured to audit logon successes. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN19-AU-000200 - Windows Server 2019 must be configured to audit logon failures. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
