| KNOX-07-013900 - The Samsung Android 7 with Knox must implement the management setting: Disable Move Files from Container to Personal. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| SPLK-CL-000130 - Splunk Enterprise must be configured to retain the DoD-defined attributes of the log records sent by the devices and hosts. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000290 - Analysis, viewing, and indexing functions, services, and applications used as part of Splunk Enterprise must be configured to comply with DoD-trusted path and access requirements. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | CONFIGURATION MANAGEMENT |
| SPLK-CL-000300 - When Splunk Enterprise is distributed over multiple servers, each server must be configured to disable non-essential capabilities. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | CONFIGURATION MANAGEMENT |
| SYMP-AG-000090 - Symantec ProxySG must immediately use updates made to policy enforcement mechanisms such as policies and rules - Web Access | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | ACCESS CONTROL |
| SYMP-AG-000310 - Symantec ProxySG providing user authentication intermediary services must require users to reauthenticate every 900 seconds when organization-defined circumstances or situations require reauthentication. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-AG-000510 - Symantec ProxySG must fail to a secure state upon failure of initialization, shutdown, or abort actions. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-030401 - The Ubuntu operating system SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-70-000006 - ESX Agent Manager must generate log records for system startup and shutdown. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCEM-70-000011 - ESX Agent Manager must be configured to limit access to internal packages. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-70-000016 - ESX Agent Manager must not have any symbolic links in the web content directory tree. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-70-000020 - ESX Agent Manager must set URIEncoding to UTF-8 - URIEncoding to UTF-8. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000023 - ESX Agent Manager must not show directory listings. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000032 - ESX Agent Manager must disable the shutdown port. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000016 - vSphere Client must be configured with memory leak protection. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCFL-67-000022 - vSphere Client must set the 'welcome-file' node to a default web page - welcome-file node to a default web page. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000023 - vSphere Client must not show directory listings. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000024 - vSphere Client must be configured to show error pages with minimal information. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000025 - vSphere Client must not enable support for TRACE requests. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000029 - vSphere Client must disable the shutdown port. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-67-000016 - VAMI must only load allowed server modules - mod_cgi | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000016 - VAMI must only load allowed server modules - mod_rewrite | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000017 - VAMI must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000019 - VAMI must remove all mappings to unused scripts - cgi | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000029 - VAMI must disable directory browsing. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCLD-67-000031 - VAMI must have debug logging disabled. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCLU-70-000002 - Lookup Service must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | ACCESS CONTROL |
| VCLU-70-000013 - Lookup Service must have mappings set for Java servlet pages. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCTR-67-000004 - The vCenter Server must terminate management sessions after 10 minutes of inactivity. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCTR-67-000008 - The vCenter Server must provide an immediate real-time alert to the SA and ISSO, at a minimum, of all audit failure events. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | AUDIT AND ACCOUNTABILITY |
| VCTR-67-000014 - The vCenter Server must set the distributed port group MAC Address Change policy to reject. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000019 - The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000020 - The vCenter Server must not configure all port groups to VLAN values reserved by upstream physical switches. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000025 - The vCenter Server must disable the managed object browser (MOB) at all times when not required for troubleshooting or maintenance of managed objects. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000036 - The vCenter Server must produce audit records containing information to establish what type of events occurred. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VCTR-67-000046 - The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | ACCESS CONTROL |
| VCTR-67-000047 - The vCenter Server must require an administrator to unlock an account locked due to excessive login failures. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | ACCESS CONTROL |
| VCTR-67-000052 - The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000055 - The vCenter Server must configure the vSAN Datastore name to a unique name. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000059 - The vCenter Server must enable certificate based authentication. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000070 - The vCenter Server must not automatically refresh client sessions. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCTR-67-000071 - The vCenter Server must terminate management sessions after 10 minutes of inactivity. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCTR-67-000072 - The vCenter Server services must be ran using a service account instead of a built-in Windows account. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000075 - The vCenter Server must enable all tasks to be shown to Administrators in the Web Client. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCUI-67-000019 - vSphere UI must set URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-67-000021 - The vSphere UI must not show directory listings. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-67-000025 - vSphere UI must have the debug option turned off. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-67-000031 - vSphere UI must not be configured with the 'UserDatabaseRealm' enabled - UserDatabaseRealm enabled. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VMCH-67-000007 - HGFS file transfers must be disabled on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000012 - Unauthorized USB devices must be disconnected on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
