| 2.6.7 Audit Lockdown Mode | CIS Apple macOS 13.0 Ventura v3.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 2.6.7 Audit Lockdown Mode | CIS Apple macOS 14.0 Sonoma v2.1.0 L2 | Unix | CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.5 Activate AppArmor - 'Profiles are loaded' - Review | CIS Ubuntu 12.04 LTS Benchmark L2 v1.1.0 | Unix | ACCESS CONTROL |
| 5.017 - The user is allowed to launch Windows Messenger (MSN Messenger, .NET Messenger). | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.57.2 Ensure 'Turn on Basic feed authentication over HTTP' is set to 'Not configured' or 'Disabled' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.10.75.2.2 Ensure 'Configure Windows Defender SmartScreen' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 19.7.15.1.2 Ensure 'Turn on off details pane' is set to 'Enabled: Always hide' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.31 Ensure 'Host-based firewall is installed and enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.31 Ensure 'Host-based firewall is installed and enabled' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.31 Ensure 'Host-based firewall is installed and enabled' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-005090 The macOS system must authorize USB devices before allowing connection. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions. | DISA Cisco IOS Router NDM STIG v3r4 | Cisco | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| CISC-ND-001200 - The Cisco router must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of remote maintenance sessions. | DISA Cisco IOS XE Router NDM STIG v3r4 | Cisco | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - duration | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE |
| PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - export | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE |
| PHTN-67-000008 - The Photon operating system must have the sshd LogLevel set to 'INFO' - INFO. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| PHTN-67-000011 - The Photon operating system must configure auditd to use the correct log format. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000014 - The Photon operating system audit log must attempt to log audit failures to syslog - disk_error_action | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - uid 32 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000021 - The Photon operating system must enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000024 - The Photon operating system must require that new passwords are at least four characters different from the old password. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000028 - The Photon operating system must be configured so that passwords for new users are restricted to a 90-day maximum lifetime. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000029 - The Photon operating system must prohibit password reuse for a minimum of five generations. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - appletalk | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000033 - The Photon operating system must disable the loading of unnecessary kernel modules - jffs2 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000044 - The Photon operating system must audit all account modifications - groupmod | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000044 - The Photon operating system must audit all account modifications - usermod | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000045 - The Photon operating system must audit all account modifications - group | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| PHTN-67-000048 - The Photon operating system must initiate auditing as part of the boot process. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000054 - The Photon operating system must set an inactivity timeout value for non-interactive sessions - readonly | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| PHTN-67-000062 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000070 - The Photon operating system must remove all software components after updated versions have been installed. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-67-000072 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur - faillog | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000072 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur - tallylog | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000087 - The Photon operating system must configure sshd to disallow Kerberos authentication. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000088 - The Photon operating system must configure sshd to use privilege separation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000103 - The Photon operating system must be configured so that all cron paths are protected from unauthorized modification - cron.monthly | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000104 - The Photon operating system must not forward IPv4 or IPv6 source-routed packets - net.ipv4.conf.eth0.accept_source_route | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000105 - The Photon operating system must not respond to IPv4 Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000107 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted - net.ipv4.conf.all.secure_redirects | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000107 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted - net.ipv4.conf.default.secure_redirects | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000108 - The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects - net.ipv4.conf.all.send_redirects | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000108 - The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects - net.ipv4.conf.eth0.send_redirects | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000109 - The Photon operating system must log IPv4 packets with impossible addresses - net.ipv4.conf.eth0.log_martians | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000110 - The Photon operating system must use a reverse-path filter for IPv4 network traffic - net.ipv4.conf.all.rp_filter | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000110 - The Photon operating system must use a reverse-path filter for IPv4 network traffic - net.ipv4.conf.eth0.rp_filter | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000118 - The Photon operating system must protect all boot configuration files from unauthorized access. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000119 - The Photon operating system must protect sshd configuration from unauthorized access. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000999 - The version of the Photon OS running on the server must be a supported version. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
