| 3.034 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.011 - Maximum password age does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.014 - The password history must be configured to 24 passwords remembered. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| ADBP-XI-000275 - Adobe Acrobat Pro XI PDF file attachments must be blocked. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| ADBP-XI-001010 - Adobe Acrobat Pro XI Protected Mode must be enabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ADBP-XI-001290 - Adobe Acrobat Pro XI Adobe Cloud Synchronization must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-18-003600 - Apple iOS/iPadOS 18 must not allow backup to remote systems (managed applications data stored in iCloud) - managed applications data stored in iCloud. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-006800 - Apple iOS/iPadOS 18 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
| AIOS-18-006900 - Apple iOS/iPadOS 18 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
| AIOS-18-006900 - Apple iOS/iPadOS 18 must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
| AIOS-18-007400 - Apple iOS/iPadOS 18 allow list must be configured to not include applications with the following characteristics: - Backs up MD data to non-DOD cloud servers (including user and application access to cloud backup services);- Transmits MD diagnostic data to non-DOD servers;- Allows synchronization of data or applications between devices associated with user; and- Allows unencrypted (or encrypted but not FIPS 140-3 validated) data sharing with other MDs or printers.- Apps which backup their own data to a remote system - allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-18-009200 - Apple iOS/iPadOS 18 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-010700 - Apple iOS/iPadOS 18 must implement the management setting: encrypt backups/Encrypt local backup. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-011300 - Apple iOS/iPadOS 18 must implement the management setting: use SSL for Exchange ActiveSync. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-18-011700 - Apple iOS/iPadOS 18 must implement the management setting: not share location data through iCloud. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
| AIOS-18-011700 - Apple iOS/iPadOS 18 must implement the management setting: not share location data through iCloud. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
| AIOS-18-012200 - Apple iOS/iPadOS 18 must implement the management setting: enable USB Restricted Mode. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-013300 - Apple iOS/iPadOS 18 must disable 'Allow USB drive access in Files app' if the authorizing official (AO) has not approved the use of DOD-approved USB storage drives with iOS/iPadOS devices - Allow USB drive access in Files app if the Authorizing Official (AO) has not approved the use of DoD-approved USB storage drives with iOS/iPadOS | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-014300 - Apple iOS/iPadOS 18 must disable 'Allow network drive access in Files access' - Allow network drive access in Files access. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-014400 - Apple iOS/iPadOS 18 must disable connections to Siri servers for the purpose of dictation. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-014900 - Apple iOS/iPadOS 18 must disable the installation of alternative marketplace apps. | MobileIron - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015400 - Apple iOS/iPadOS 18 must disable ChatGPT connection for Apple Intelligence. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| APPL-13-003013 - The macOS system must be configured with a firmware password to prevent access to single user mode and booting from alternative media. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-004001 - The macOS system must be configured with system log files owned by root and group-owned by wheel or admin. | DISA STIG Apple macOS 13 v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-13-004002 - The macOS system must be configured with system log files set to mode 640 or less permissive. | DISA STIG Apple macOS 13 v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-13-005051 - The macOS system must restrict the ability of individuals to use USB storage devices. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-005054 - The macOS system must be configured to disable prompts to configure Touch ID. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| CASA-ND-000010 - The Cisco ASA must be configured to limit the number of concurrent management sessions to an organization-defined number. | DISA STIG Cisco ASA NDM v2r2 | Cisco | ACCESS CONTROL |
| CASA-ND-000270 - The Cisco ASA must be configured to produce audit records containing information to establish when (date and time) the events occurred. | DISA STIG Cisco ASA NDM v2r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-ND-000300 - The Cisco ASA must be configured to produce audit records that contain information to establish the outcome of the event. | DISA STIG Cisco ASA NDM v2r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-ND-001180 - The Cisco ASA must be configured to protect against known types of denial-of-service (DoS) attacks by enabling the Threat Detection feature - DoS attacks by enabling the Threat Detection feature. | DISA STIG Cisco ASA NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000160 - The Cisco ASA must be configured to use Internet Key Exchange v2 (IKEv2) for all IPsec security associations. | DISA STIG Cisco ASA VPN v2r2 | Cisco | CONFIGURATION MANAGEMENT |
| CASA-VN-000200 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to implement IPsec encryption services. | DISA STIG Cisco ASA VPN v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD7X-00-005500 MongoDB must prevent unauthorized and unintended information transfer via shared system resources. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000191 - SharePoint farm service account (Database Access account) must be configured with minimum privileges in Active Directory (AD). | DISA STIG SharePoint 2010 v1r9 | Windows | ACCESS CONTROL |
| SHPT-00-000195 - The SharePoint setup user domain account must be configured with the minimum privileges for the local server. | DISA STIG SharePoint 2010 v1r9 | Windows | ACCESS CONTROL |
| WBSP-AS-000010 - The WebSphere Application Server maximum in-memory session count must be set according to application requirements. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL |
| WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxLogs | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000590 - WebSphere Application Server must allocate audit log record storage capacity in accordance with requirements - maxLogs | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000650 - The WebSphere Application Server audit subsystem failure action must be set to Log warning. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000650 - The WebSphere Application Server audit subsystem failure action must be set to Log warning. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000780 - The WebSphere Application Server wsadmin file must be protected from unauthorized modification. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000970 - The WebSphere Application Server must disable JSP class reloading. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| WBSP-AS-001390 - The WebSphere Application Servers must not be in the DMZ. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001570 - The WebSphere Application Server high availability applications must be installed on a cluster. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - ORB | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - SIBFAPInbound | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - TCPChannel.DCS | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001590 - The WebSphere Application Server thread pool size must be defined to application load requirements - WebContainer | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001760 - The WebSphere Application Server must install security-relevant software updates within the time period | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
