| ESXI-70-000013 - The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication. | DISA VMware vSphere 7.0 ESXi STIG v1r4 Unix | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000030 - The ESXi host must produce audit records containing information to establish what type of events occurred. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | AUDIT AND ACCOUNTABILITY |
| ESXI-70-000031 - The ESXi host must be configured with a sufficiently complex password policy. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-70-000034 - The ESXi host must disable the Managed Object Browser (MOB). | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000037 - The ESXi host must use Active Directory for local user authentication. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-70-000038 - ESXi hosts using Host Profiles and/or Auto Deploy must use the vSphere Authentication Proxy to protect passwords when adding themselves to Active Directory. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | IDENTIFICATION AND AUTHENTICATION |
| ESXI-70-000049 - The ESXi host must protect the confidentiality and integrity of transmitted information by protecting ESXi management traffic. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-70-000053 - Simple Network Management Protocol (SNMP) must be configured properly on the ESXi host. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000056 - The ESXi host must configure the firewall to restrict access to services running on the host. | DISA VMware vSphere 7.0 ESXi STIG v1r4 Unix | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000057 - The ESXi host must configure the firewall to block network traffic by default - incoming | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000058 - The ESXi host must enable Bridge Protocol Data Units (BPDU) filter on the host to prevent being locked out of physical switch ports with Portfast and BPDU Guard enabled. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000062 - Use of the dvFilter network application programming interfaces (APIs) must be restricted. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000079 - The ESXi host must not suppress warnings that the local or remote shell sessions are enabled. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000085 - The ESXi host must enable strict x509 verification for SSL syslog endpoints. | DISA VMware vSphere 7.0 ESXi STIG v1r4 Unix | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000089 - The ESXi Host Client must be configured with a session timeout. | DISA VMware vSphere 7.0 ESXi STIG v1r4 VMware | VMware | CONFIGURATION MANAGEMENT |
| PHTN-30-000008 - The Photon operating system must have the sshd LogLevel set to 'INFO' - INFO. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| PHTN-30-000015 - The Photon operating system audit log must attempt to log audit failures to syslog. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| PHTN-30-000023 - The Photon operating system must enforce password complexity by requiring that at least one numeric character be used. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000024 - The Photon operating system must require that new passwords are at least four characters different from the old password. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000031 - The Photon operating system must require authentication upon booting into single-user and maintenance modes. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| PHTN-30-000035 - The Photon operating system must disable new accounts immediately upon password expiration. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000040 - The Photon operating system '/var/log' directory must be owned by root. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-30-000066 - The Photon operating system must remove all software components after updated versions have been installed. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-30-000068 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000070 - The Photon operating system auditd service must generate audit records for all account creations, modifications, disabling, and termination events. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000075 - The Photon operating system must create a home directory for all new local interactive user accounts. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000078 - The Photon operating system must configure sshd to disallow Generic Security Service Application Program Interface (GSSAPI) authentication. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000082 - The Photon operating system must configure sshd to disallow Kerberos authentication. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000084 - The Photon operating system must configure sshd to disallow compression of the encrypted session stream. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000088 - The Photon operating system must configure sshd to limit the number of allowed login attempts per connection. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000090 - The Photon operating system must be configured so the '/etc/skel' default scripts are protected from unauthorized modification. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000092 - The Photon operating system must be configured so that all global initialization scripts are protected from unauthorized modification. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000095 - The Photon operating system must be configured so the '/etc/cron.allow' file is protected from unauthorized modification. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000100 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) redirect messages from being accepted. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000106 - The Photon operating system must not perform IPv4 packet forwarding. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000108 - The Photon operating system must be configured to protect the Secure Shell (SSH) public host key from unauthorized modification. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000110 - The Photon operating system must enforce password complexity on the root account. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000118 - The Photon operating system must ensure the old passwords are being stored. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCEM-67-000026 - ESX Agent Manager must have the debug option turned off. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - localhost | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| VMCH-70-000003 - Paste operations must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000005 - Virtual disk wiping must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000006 - Independent, nonpersistent disks must not be used on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000012 - Unauthorized USB devices must be disconnected on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000013 - Console connection sharing must be limited on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000022 - The virtual machine (VM) guest operating system must be locked when the last console connection is closed. | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL |
| ZEBR-11-003700 - Zebra Android 11 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | AirWatch - DISA Zebra Android 11 COBO STIG v1r4 | MDM | ACCESS CONTROL |
| ZEBR-11-003900 - Zebra Android 11 must be configured to not allow backup of all applications and configuration data to remote systems. | AirWatch - DISA Zebra Android 11 COBO STIG v1r4 | MDM | ACCESS CONTROL |
