| 1.10 Audit Docker files and directories - docker.service | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.10 Audit Docker files and directories - docker.service | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /etc/docker/daemon.json | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /etc/docker/daemon.json | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 1.13 Audit Docker files and directories - /var/run/docker.sock | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
| 2.1.3 Ensure dhcp server services are not in use | CIS AlmaLinux OS 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Ensure dhcp server services are not in use | CIS Oracle Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Ensure dhcp server services are not in use | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Ensure dhcp server services are not in use | CIS Red Hat Enterprise Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.3 Ensure dhcp server services are not in use | CIS Rocky Linux 9 v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.4 Ensure dhcp server services are not in use | CIS Oracle Linux 8 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.1.4 Ensure dhcp server services are not in use | CIS AlmaLinux OS 8 v4.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT |
| 2.2.3 Ensure dhcp server services are not in use | CIS CentOS Linux 7 v4.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT |
| 2.3.2 Ensure Screen Saver Corners Are Secure - tl-corner | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | ACCESS CONTROL |
| 2.3.2 Ensure Screen Saver Corners Are Secure - tr-corner | CIS Apple macOS 10.15 Catalina v3.0.0 L2 | Unix | ACCESS CONTROL |
| 3.1.6 - AirWatch - Limit the 'Number of failed attempts allowed' | AirWatch - CIS Apple iOS 9 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 3.1.6 - AirWatch - Limit the 'Number of failed attempts allowed' | AirWatch - CIS Apple iOS 8 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 3.1.6 - MobileIron - Limit the 'Number of failed attempts allowed' | MobileIron - CIS Apple iOS 8 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 3.1.6 - MobileIron - Limit the 'Number of failed attempts allowed' | MobileIron - CIS Apple iOS 9 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 5.2.6 Ensure SSH MaxAuthTries is set to 4 or less | CIS Debian Family Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less | CIS Debian 8 Server L1 v2.0.2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less | CIS Debian 9 Workstation L1 v1.0.1 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less | CIS Debian 9 Server L1 v1.0.1 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less | CIS Fedora 19 Family Linux Server L1 v1.0.0 | Unix | ACCESS CONTROL |
| 5.2.7 Ensure SSH MaxAuthTries is set to 4 or less | CIS Ubuntu Linux 18.04 LXD Host L1 Workstation v1.0.0 | Unix | ACCESS CONTROL |
| 5.3.8 Ensure SSH MaxAuthTries is set to 4 or less | CIS Red Hat 6 Server L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.3.8 Ensure SSH MaxAuthTries is set to 4 or less | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.3.8 Ensure SSH MaxAuthTries is set to 4 or less | CIS CentOS 6 Workstation L1 v3.0.0 | Unix | ACCESS CONTROL |
| 5.3.8 Ensure SSH MaxAuthTries is set to 4 or less | CIS Oracle Linux 6 Workstation L1 v2.0.0 | Unix | ACCESS CONTROL |
| 5.3.9 Ensure SSH MaxAuthTries is set to 4 or less | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | AUDIT AND ACCOUNTABILITY |
| 7.10 Ensure Password Encryption Uses SHA algorithms 'CRYPT_DEFAULT' | CIS Solaris 10 L1 v5.2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2.1 Set 'Java permissions' to 'Enabled:High safety' | CIS IE 10 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.5.1 Set 'Java permissions' to 'Enabled:High safety' | CIS IE 10 v1.1.0 | Windows | CONFIGURATION MANAGEMENT |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 9 L1 v1.2.0 | Unix | CONFIGURATION MANAGEMENT |
| DTAM171 - (U) McAfee VirusScan must have the current security patches installed. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-DM-300010 - The F5 BIG-IP appliance must be configured to assign appropriate user roles or access levels to authenticated users. | DISA F5 BIG-IP TMOS NDM STIG v1r2 | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| TCAT-AS-000470 - Stack tracing must be disabled. | DISA STIG Apache Tomcat Application Server 9 v3r3 Middleware | Unix | CONFIGURATION MANAGEMENT |
| VCFL-67-000014 - vSphere Client must have mappings set for Java servlet pages. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-70-000013 - Lookup Service must have mappings set for Java servlet pages. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-67-000012 - Performance Charts must have mappings set for Java servlet pages. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-70-000013 - vSphere UI must have mappings set for Java servlet pages. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | CONFIGURATION MANAGEMENT |
| WG610 A22 - Web sites must utilize ports, protocols, and services according to PPSM guidelines. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | |
| WG610 A22 - Web sites must utilize ports, protocols, and services according to PPSM guidelines. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WN10-CC-000063 - Windows 10 systems must use either Group Policy or an approved Mobile Device Management (MDM) product to enforce STIG compliance. | DISA Microsoft Windows 10 STIG v3r6 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000063 - Windows 11 systems must use either Group Policy or an approved Mobile Device Management (MDM) product to enforce STIG compliance. | DISA Microsoft Windows 11 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-11-000100 - Zebra Android 11 must be configured to enforce a minimum password length of six characters. | MobileIron - DISA Zebra Android 11 COBO STIG v1r4 | MDM | IDENTIFICATION AND AUTHENTICATION |
