| 19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| DTBI515 - Web sites in less privileged web content zones must be disallowed to navigate into the Internet zone. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| DTBI520 - Web sites in less privileged web content zones must be disallowed to navigate into the Restricted Site zone. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| EX13-EG-000025 - Exchange external Receive connectors must be domain secure-enabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r5 | Windows | ACCESS CONTROL |
| GEN003600 - The system must not forward IPv4 source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003602 - The system must not process ICMP timestamp requests. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003603 - The system must not respond to ICMPv4 echoes sent to a broadcast address. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003604 - The system must not respond to ICMP timestamp requests sent to a broadcast address. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003605 - The system must not apply reversed source routing to TCP responses. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003606 - The system must prevent local applications from generating source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003607 - The system must not accept source-routed IPv4 packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003608 - Proxy ARP must not be enabled on the system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003610 - The system must not send IPv4 ICMP redirects. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003860 - The system must not have the finger service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007700 - The IPv6 protocol handler must not be bound to the network stack unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007720 - The IPv6 protocol handler must be prevented from dynamic loading unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007760 - Proxy Neighbor Discovery Protocol (NDP) must not be enabled on the system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007780 - The system must not have 6to4 enabled. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007820 - The system must not have IP tunnels configured - 'ifconfig -a' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007820 - The system must not have IP tunnels configured - 'lstun -a' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007860 - The system must ignore IPv6 ICMP redirect messages. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007880 - The system must not send IPv6 ICMP redirects. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007900 - The system must use an appropriate reverse-path filter for IPv6 network traffic, if the system uses IPv6. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007920 - The system must not forward IPv6 source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007940 - The system must not accept source-routed IPv6 packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| SHPT-00-000130 - For environments requiring an Internet-facing capability, the SharePoint application server upon which Central Administration is installed must not be installed in the DMZ. | DISA STIG SharePoint 2010 v1r9 | Windows | ACCESS CONTROL |
| SYMP-AG-000070 - Symantec ProxySG must restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic - SSL | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000070 - Symantec ProxySG must restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic - Web Access | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000090 - Symantec ProxySG must immediately use updates made to policy enforcement mechanisms such as policies and rules - Web Access | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-NM-000040 - Symantec ProxySG must be configured to enforce assigned privilege levels for approved administrators when accessing the management console, SSH, and the command line interface (CLI). | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
