| 18.10.10.3.4 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Password' is set to 'Enabled: Do not allow 48-digit recovery password' | CIS Microsoft Windows 11 Stand-alone v4.0.0 BL | Windows | MEDIA PROTECTION |
| 18.10.10.3.5 (BL) Ensure 'Choose how BitLocker-protected removable drives can be recovered: Recovery Key' is set to 'Enabled: Do not allow 256-bit recovery key' | CIS Microsoft Windows 11 Stand-alone v4.0.0 BL | Windows | MEDIA PROTECTION |
| AIX7-00-001105 - AIX must only allow the use of DoD PKI-established certificate authorities for verification of the establishment of protected sessions. | DISA STIG AIX 7.x v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIX7-00-001108 - AIX must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIX7-00-001124 - AIX root passwords must never be passed over a network in clear text form. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001128 - AIX must use Loadable Password Algorithm (LPA) password hashing algorithm. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-001129 - AIX must enforce a minimum 15-character password length. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-002004 - AIX must produce audit records containing information to establish the source and the identity of any individual or process associated with an event. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002005 - AIX must produce audit records containing information to establish the outcome of the events. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002006 - AIX must produce audit records containing the full-text recording of privileged commands. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002013 - Audit logs on the AIX system must be owned by root. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002027 - AIX audit tools must be set to 4550 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002032 - AIX must provide the function for assigned ISSOs or designated SAs to change the auditing to be performed on all operating system components, based on all selectable event criteria in near real time. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002059 - AIX telnet daemon must not be running. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-002060 - AIX ftpd daemon must not be running. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-002061 - AIX must remove NOPASSWD tag from sudo config files. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-002066 - AIX must not have IP forwarding for IPv6 enabled unless the system is an IPv6 router. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002100 - AIX must monitor and record successful remote logins. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
| AIX7-00-002107 - AIX must disable Kerberos Authentication in ssh config file to enforce access restrictions. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002110 - AIX must setup SSH daemon to disable revoked public keys. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-002114 - AIX must turn on SSH daemon privilege separation. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002120 - The AIX SSH daemon must be configured to disable empty passwords. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002129 - If Bourne / ksh shell is used, AIX must display logout messages. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
| AIX7-00-002140 - The AIX /etc/hosts file must be owned by root. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002143 - AIX cron and crontab directories must have a mode of 0640 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002145 - The AIX /etc/syslog.conf file must be group-owned by system. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002147 - The AIX /var/spool/cron/atjobs directory must be owned by root or bin. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002201 - The AIX audit configuration files must be group-owned by audit. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-002202 - The AIX audit configuration files must be set to 640 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| AIX7-00-003007 - AIX log files must not have extended ACLs, except as needed to support authorized software. | DISA STIG AIX 7.x v3r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AIX7-00-003016 - The AIX ldd command must be disabled. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003017 - AIX NFS server must be configured to restrict file system access to local hosts. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003019 - The AIX user home directories must not have extended ACLs. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003022 - AIX must disable trivial file transfer protocol. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003033 - All AIX Group Identifiers (GIDs) referenced in the /etc/passwd file must be defined in the /etc/group file. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003034 - All AIX files and directories must have a valid owner. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003037 - The AIX hosts.lpd file must not contain a + character. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003038 - AIX sendmail logging must not be set to less than nine in the sendmail.cf file. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003040 - The AIX rsh daemon must be disabled. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-003051 - If IPv6 is not utilized on AIX server, the autoconf6 daemon must be disabled. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003056 - If rwhod is not required on AIX, the rwhod daemon must be disabled. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003061 - The aixmibd daemon must be disabled on AIX. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003062 - The ndpd-host daemon must be disabled on AIX. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003070 - The ntalk daemon must be disabled on AIX. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003071 - The chargen daemon must be disabled on AIX. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003078 - The klogin daemon must be disabled on AIX. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003081 - The tftp daemon must be disabled on AIX. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003093 - AIX process core dumps must be disabled. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003094 - AIX kernel core dumps must be disabled unless needed. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-003096 - AIX must set Stack Execution Disable (SED) system wide mode to all. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
