| 2.3.10.3 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.3.10.5 Ensure 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 3.1.1.2 Configure EIGRP Passive interfaces for interfaces that do not have peers | CIS Cisco NX-OS v1.2.0 L1 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.7 Ensure the Core Dump Directory Is Secured | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | |
| 3.7 Ensure the Core Dump Directory Is Secured | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | |
| 3.7 Ensure the Core Dump Directory Is Secured | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.7 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 5.4 (L1) Host must filter Bridge Protocol Data Unit (BPDU) packets | CIS VMware ESXi 8.0 v1.2.0 L1 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| 17.7.2 Ensure 'Audit Audit Policy Change' is set to include 'Success and Failure' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.51.1.2 Ensure 'Enable Windows NTP Client' is set to 'Enabled: DoD time server' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | AUDIT AND ACCOUNTABILITY |
| 18.9.51.1.2 Ensure 'Enable Windows NTP Client' is set to 'Enabled: DoD time server' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.2 Ensure 'Active Directory AdminSDHolder object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.7 Ensure 'Active Directory Group Policy objects have proper access control permissions' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.8 Ensure 'Active Directory Infrastructure object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.24 Ensure 'Domain Controllers run on a machine dedicated to that function' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.24 Ensure 'Domain Controllers run on a machine dedicated to that function' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.59 Ensure 'Software certificate installation files must be removed' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| APPL-13-000005 - The macOS system must be configured to lock the user session when a smart token is removed. | DISA STIG Apple macOS 13 v1r5 | Unix | ACCESS CONTROL |
| AS24-W1-000670 - The Apache web server must restrict inbound connections from nonsecure zones. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | ACCESS CONTROL |
| Big Sur - Configure System to Audit All Log In and Log Out Events | NIST macOS Big Sur v1.4.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Big Sur - Configure System to Audit All Log In and Log Out Events | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Big Sur - Configure System to Audit All Log In and Log Out Events | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Big Sur - Configure System to Audit All Log In and Log Out Events | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Big Sur - Configure System to Audit All Log In and Log Out Events | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Big Sur - Configure System to Audit All Log In and Log Out Events | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Catalina - Configure System to Audit All Log In and Log Out Events | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Catalina - Configure System to Audit All Log In and Log Out Events | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Catalina - Configure System to Audit All Log In and Log Out Events | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Catalina - Configure System to Audit All Log In and Log Out Events | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Catalina - Configure System to Audit All Log In and Log Out Events | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Catalina - Configure System to Audit All Log In and Log Out Events | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| JUEX-RT-000460 - The Juniper out-of-band management (OOBM) gateway must be configured to transport management traffic to the Network Operations Center (NOC) via dedicated circuit, MPLS/VPN service, or IPsec tunnel. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-004700 - The Samsung must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | ACCESS CONTROL |
| KNOX-07-004700 - The Samsung must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | ACCESS CONTROL |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| Monterey - Configure System to Audit All Log In and Log Out Events | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| OH12-1X-000032 - OHS must have the Order, Allow, and Deny directives set within the Files directives set to restrict inbound connections from nonsecure zones. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | ACCESS CONTROL |
| SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - Event ID 16 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - Event ID 17 | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur - LOGOUT_GROUP | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL4-00-038000 - SQL Server must generate Trace or Audit records when concurrent logons/connections by the same user from different workstations occur. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| VCSA-80-000110 - The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC). | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000045 - The system must be configured to use Safe DLL Search Mode. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000045 - The system must be configured to use Safe DLL Search Mode. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
