| APPL-15-002024 - The macOS system must disable sending search data from Spotlight to Apple. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002039 - The macOS system must disable Siri Setup during Setup Assistant. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002040 - The macOS system must disable iCloud Keychain Sync. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| JUEX-L2-000050 - The Juniper EX switch must be configured to permit authorized users to select a user session to capture. | DISA Juniper EX Series Layer 2 Switch v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-L2-000230 - The Juniper EX switch must be configured to set all user-facing or untrusted ports as access interfaces. | DISA Juniper EX Series Layer 2 Switch v2r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-NM-000080 - The Juniper EX switch must be configured to enforce the limit of three consecutive invalid logon attempts for any given user, after which time it must block any login attempt for that user for 15 minutes. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | ACCESS CONTROL |
| JUEX-NM-000120 - The Juniper device must be configured to produce audit log records containing sufficient information to establish what type of event occurred. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000140 - The Juniper EX switch must be configured to produce audit records containing information to establish where the events occurred. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000150 - The Juniper EX switch must be configured to produce audit log records containing information to establish the source of events. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000210 - The Juniper EX switch must be configured to protect audit tools from unauthorized access. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-NM-000580 - The Juniper EX switch must be configured to generate audit records showing starting and ending time for administrator access to the system. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | AUDIT AND ACCOUNTABILITY |
| JUEX-RT-000010 - The Juniper router must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000120 - The Juniper router must be configured to enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000210 - The Juniper out-of-band management (OOBM) gateway router must not be configured to redistribute routes between the management network routing domain and the managed network routing domain. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000300 - The Juniper router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm. | DISA Juniper EX Series Router v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-RT-000430 - The Juniper BGP router must be configured to reject outbound route advertisements for any prefixes belonging to the IP core. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000580 - The Juniper router must not be configured to have any zero-touch deployment feature enabled when connected to an operational network. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000650 - The Juniper BGP router must be configured to use the prefix limit feature to protect against route table flooding and prefix deaggregation attacks. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000700 - The Juniper multicast Designated Router (DR) must be configured to limit the number of mroute states resulting from Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Host Membership Reports. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000770 - The Juniper perimeter router must be configured to block all outbound management traffic. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000910 - The Juniper MPLS router must be configured to have TTL Propagation disabled. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000940 - The Juniper PE router must be configured to have each VRF with the appropriate Route Distinguisher (RD). | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| PHTN-30-000033 - The Photon operating system must not have duplicate User IDs (UIDs). | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000037 - The Photon operating system must configure sshd to disconnect idle Secure Shell (SSH) sessions. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000055 - The Photon operating system must configure auditd to keep five rotated log files. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000067 - The Photon operating system must generate audit records when the sudo command is used. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000074 - The Photon operating system must ensure audit events are flushed to disk at proper intervals. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000079 - The Photon operating system must configure sshd to disable environment processing. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000085 - The Photon operating system must configure sshd to display the last login immediately after authentication. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000086 - The Photon operating system must configure sshd to ignore user-specific trusted hosts lists. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000090 - The Photon operating system must be configured so the '/etc/skel' default scripts are protected from unauthorized modification. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000091 - The Photon operating system must be configured so the '/root' path is protected from unauthorized access. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000098 - The Photon operating system must not forward IPv4 or IPv6 source-routed packets. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000113 - The Photon operating system must protect all 'sysctl' configuration files from unauthorized access. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000240 - The Photon operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, generate cryptographic hashes, and protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000245 - The Photon operating system must disable systemd fallback Domain Name System (DNS). | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| VCSA-80-000023 - The vCenter Server must enforce the limit of three consecutive invalid login attempts by a user. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | ACCESS CONTROL |
| VCSA-80-000057 - vCenter Server plugins must be verified. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000267 - The vCenter Server must disable the distributed virtual switch health check. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000270 - The vCenter Server must set the distributed port group Promiscuous Mode policy to "Reject". | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000279 - The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000282 - The vCenter Server must configure the vSAN Datastore name to a unique name. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000293 - The vCenter server must have task and event retention set to at least 30 days. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000294 - The vCenter server Native Key Provider must be backed up with a strong password. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000296 - The vCenter server must enable the OVF security policy for content libraries. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000298 - The vCenter Server must separate authentication and authorization for administrators. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000303 - The vCenter Server must disable Secure Shell (SSH) access. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000305 - The vCenter Server must disable accounts used for Integrated Windows Authentication (IWA). | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000008 - Unauthorized floppy devices must be disconnected on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000010 - Unauthorized parallel devices must be disconnected on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
