| ALMA-09-001230 - AlmaLinux OS 9 must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-001890 - AlmaLinux OS 9 must automatically exit interactive command shell user sessions after 10 minutes of inactivity. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-002110 - AlmaLinux OS 9 must prevent a user from overriding the disabling of the graphical user smart card removal action. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-003100 - AlmaLinux OS 9 must implement DOD-approved encryption ciphers to protect the confidentiality of SSH connections. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-003320 - The AlmaLinux 9 SSH server must be configured to use only DOD-approved encryption ciphers employing FIPS 140-3-validated cryptographic hash algorithms to protect the confidentiality of SSH server connections. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-003430 - AlmaLinux OS 9 must implement DOD-approved systemwide cryptographic policies to protect the confidentiality of SSH server connections. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-004970 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-005080 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-006070 - AlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect the files within /etc/sudoers.d/ | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| ALMA-09-006290 - AlmaLinux OS 9 must require a boot loader password. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-006510 - AlmaLinux OS 9 must require authentication to access single-user mode. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-006620 - The systemd Ctrl-Alt-Delete burst key sequence in AlmaLinux OS 9 must be disabled. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-006730 - The Ctrl-Alt-Delete key sequence must be disabled on AlmaLinux OS 9. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-006950 - The AlmaLinux OS 9 debug-shell systemd service must be disabled. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-007720 - AlmaLinux OS 9 must automatically lock an account when three unsuccessful logon attempts occur during a 15-minute time period. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-007830 - AlmaLinux OS 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | ACCESS CONTROL |
| ALMA-09-009480 - AlmaLinux OS 9 SSH daemon must not allow Kerberos authentication. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-009810 - AlmaLinux OS 9 must check the GPG signature of locally installed software packages before installation. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-010140 - AlmaLinux OS 9 must prevent the loading of a new kernel for later execution. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-010910 - AlmaLinux OS 9 library files must be group-owned by root or a system account. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-011460 - AlmaLinux OS 9 must disable storing core dumps. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-011570 - AlmaLinux OS 9 must disable core dump backtraces. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-011900 - AlmaLinux OS 9 cron configuration files directory must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-012120 - AlmaLinux OS 9 /etc/crontab file must have mode 0600. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-013220 - AlmaLinux OS 9 /etc/group file must have mode 0644 or less permissive to prevent unauthorized access. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-014100 - AlmaLinux OS 9 /etc/gshadow file must be owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-014540 - All AlmaLinux OS 9 local interactive user accounts must be assigned a home directory upon creation. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-015090 - All AlmaLinux OS 9 local interactive users must have a home directory assigned in the /etc/passwd file. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-015310 - All AlmaLinux OS 9 local interactive user home directories must have mode 0750 or less permissive. | DISA CloudLinux AlmaLinux OS 9 STIG v1r4 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000003 - The ESXi host must verify the exception users list for lockdown mode. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000004 - Remote logging for ESXi hosts must be configured. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| ESXI-70-000006 - The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | ACCESS CONTROL |
| ESXI-70-000034 - The ESXi host must disable the Managed Object Browser (MOB). | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000035 - The ESXi host must be configured to disable nonessential capabilities by disabling Secure Shell (SSH). | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ESXI-70-000037 - The ESXi host must use Active Directory for local user authentication. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-70-000053 - Simple Network Management Protocol (SNMP) must be configured properly on the ESXi host. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000074 - The ESXi host must exclusively enable Transport Layer Security (TLS) 1.2 for all endpoints. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000081 - The ESXi host must not suppress warnings about unmitigated hyperthreading vulnerabilities. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000086 - The ESXi host must verify certificates for SSL syslog endpoints. | DISA STIG VMware vSphere 7.0 ESXi v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000013 - The vCenter Server must set the distributed port group Forged Transmits policy to reject. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000016 - The vCenter Server must only send NetFlow traffic to authorized collectors. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000026 - The vCenter Server must check the privilege reassignment after restarts. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000029 - The vCenter Server must enable all tasks to be shown to Administrators in the Web Client. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000035 - vCenter Server plugins must be verified. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000040 - The vCenter Server passwords must contain at least one uppercase character. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCTR-67-000043 - The vCenter Server passwords must contain at least one special character. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCTR-67-000062 - The vCenter Server must enable the login banner for vSphere Client. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000065 - The vCenter Server must have Mutual CHAP configured for vSAN iSCSI targets. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000074 - The vCenter Server Administrators must clean up log files after failed installations. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000077 - The vCenter Server must enable TLS 1.2 exclusively. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
