| 1.2.2 Ensure gpgcheck is globally activated | CIS Rocky Linux 8 Server L1 v2.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.2 Ensure gpgcheck is globally activated | CIS Rocky Linux 8 Workstation L1 v2.0.0 | Unix | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 1.2.3.13 Set 'Prevent installation of devices using drivers that match these device setup classes' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | MEDIA PROTECTION |
| 2.4 Ensure 'Signed-out search activity' is set to Disabled | MobileIron - CIS Google Android 7 v1.0.0 L1 | MDM | CONFIGURATION MANAGEMENT |
| 18.7.11 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL |
| 18.7.11 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2019 Stand-alone v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 18.7.11 (L1) Ensure 'Point and Print Restrictions: When installing drivers for a new connection' is set to 'Enabled: Show warning and elevation prompt' | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | ACCESS CONTROL |
| 20.17 Ensure 'Deny-all, permit-by-exception policy to allow the execution of authorized software programs' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.17 Ensure 'Deny-all, permit-by-exception policy to allow the execution of authorized software programs' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| AIOS-02-080104 - Apple iOS must implement the management setting: require password when connecting to AirPlay device for the first time. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-12-011100 - Apple iOS must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | ACCESS CONTROL |
| AIOS-16-710900 - Apple iOS/iPadOS 16 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | ACCESS CONTROL |
| AIOS-18-010950 - Apple iOS/iPadOS 18 must implement the management setting: require passcode for incoming Airplay connection requests. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
| APPL-14-005130 The macOS system must enforce installation of XProtect Remediator and Gatekeeper updates automatically. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005130 - The macOS system must enforce installation of XProtect Remediator and Gatekeeper updates automatically. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| DB2X-00-002900 - The OS must limit privileges to change the DB2 software resident within software libraries (including privileged programs) | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| DB2X-00-002900 - The OS must limit privileges to change the DB2 software resident within software libraries (including privileged programs). | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | CONFIGURATION MANAGEMENT |
| DB2X-00-008100 - DB2 and the operating system must enforce access restrictions associated with changes to the configuration of DB2 or database(s). | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | CONFIGURATION MANAGEMENT |
| DB2X-00-008700 - DB2 must only accept end entity certificates issued by DoD PKI or DoD-approved PKI Certification Authorities (CAs) for the establishment of all encrypted sessions - CAs | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTAM141 - McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent modification of McAfee files and settings. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | CONFIGURATION MANAGEMENT |
| DTAM142 - McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent modification of McAfee Common Management Agent files and settings. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | CONFIGURATION MANAGEMENT |
| DTAM144 - McAfee VirusScan Access Protection Rules Common Standard Protection must be set to prevent termination of McAfee processes. | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | ACCESS CONTROL |
| DTAM144 - McAfee VirusScan Access Protection: Common Standard Protection must be set to prevent termination of McAfee processes. | DISA McAfee VirusScan 8.8 Managed Client STIG v6r1 | Windows | ACCESS CONTROL |
| Ensure iptables is installed - dpkg | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure iptables is installed - zypper | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure NIS Client is not installed - rpm | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure prelink is disabled - zypper | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure rsh client is not installed - rpm | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure rsh client is not installed - zypper | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure talk client is not installed - dpkg | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure talk client is not installed - zypper | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure telnet client is not installed - rpm | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Ensure telnet client is not installed - zypper | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| Manage processing of Queue-specific files | MSCT Windows 11 v22H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Manage processing of Queue-specific files | MSCT Windows 11 v24H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Manage processing of Queue-specific files | MSCT Windows 11 v23H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| MYS8-00-008400 - The MySQL Database Server 8.0 software installation account must be restricted to authorized users. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server 1903 DC v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server v1909 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server v2004 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 10 1909 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 10 v21H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 11 v24H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 10 1803 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 10 1903 v1.19.9 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 10 v2004 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 10 v20H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows Server 2016 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Specify use of ActiveX Installer Service for installation of ActiveX controls | MSCT Windows 11 v23H2 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| VCUI-70-000028 - vSphere UI must use a logging mechanism that is configured to allocate log record storage capacity large enough to accommodate the logging requirements of the web server. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
