| 20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_F5_BIG-IP_Device_Management_v2r4.audit from DISA F5 BIG-IP Device Management v2r4 STIG | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | |
| DISA_STIG_Adobe_Acrobat_Pro_DC_Continuous_Track_v2r1.audit from DISA Adobe Acrobat Professional DC Continuous Track v2r1 STIG | DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1 | Windows | |
| DISA_STIG_Apache_Server-2.4_Unix_v3r2_Middleware.audit from DISA Apache Server 2.4 UNIX Server v3r2 STIG | DISA STIG Apache Server 2.4 Unix Server v3r2 Middleware | Unix | |
| DISA_STIG_Apache_Server-2.4_Windows_v3r3.audit from DISA Apache Server 2.4 Windows Server v3r3 STIG | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | |
| DISA_STIG_Apache_Site-2.4_Unix_v2r6.audit from DISA Apache Server 2.4 UNIX Site v2r6 STIG | DISA STIG Apache Server 2.4 Unix Site v2r6 | Unix | |
| DISA_STIG_Apple_macOS_11_v1r5.audit from DISA Apple macOS 11 (Big Sur) v1r5 STIG | DISA STIG Apple macOS 11 v1r5 | Unix | |
| DISA_STIG_Apple_macOS_11_v1r8.audit from DISA Apple macOS 11 (Big Sur) v1r8 STIG | DISA STIG Apple macOS 11 v1r8 | Unix | |
| DISA_STIG_Apple_OS_X_10.15_v1r10.audit from DISA Apple OS X 10.15 (Catalina) v1r10 STIG | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | |
| DISA_STIG_Cisco_IOS_XE_Router_NDM_v3r2.audit from DISA Cisco IOS XE Router NDM v3r2 STIG | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | |
| DISA_STIG_Microsoft_Exchange_2013_Client_Access_Server_v2r2.audit from DISA Microsoft Exchange 2013 Client Access Server v2r2 STIG | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DISA_STIG_Microsoft_Exchange_2013_Edge_Transport_Server_v1r6.audit from DISA Microsoft Exchange 2013 Edge Transport Server v1r6 STIG | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DISA_STIG_Microsoft_Exchange_2016_Mailbox_Server_v2r6.audit from DISA Microsoft Exchange 2016 Mailbox Server v2r6 STIG | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DISA_STIG_MongoDB_Enterprise_Advanced_3.x_DB_v2r3.audit from DISA MongoDB Enterprise Advanced 3.x v2r3 STIG | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | |
| DISA_STIG_MongoDB_Enterprise_Advanced_3.x_OS_Linux_v2r3.audit from DISA MongoDB Enterprise Advanced 3.x v2r3 STIG | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | |
| DISA_STIG_MSSQL_2014_Instance-OS_v2r4.audit from DISA MS SQL Server 2014 Instance v2r4 STIG | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | |
| DISA_STIG_MSSQL_2016_Instance-OS_v3r4.audit from DISA MS SQL Server 2016 Instance v3r4 STIG | DISA STIG SQL Server 2016 Instance OS Audit v3r4 | Windows | |
| DISA_STIG_VMware_vSphere_6.7_VAMI-lighttpd_v1r3.audit from DISA VMware vSphere 6.7 VAMI-lighttpd v1r3 STIG | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_vCA_Perfcharts_v1r1.audit from DISA VMware vSphere 7.0 vCenter Appliance Perfcharts v1r1 STIG | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_vCA_UI_v1r2.audit from DISA VMware vSphere 7.0 vCenter Appliance UI v1r2 STIG | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Perfcharts_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | |
| EX19-ED-000238 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| TCAT-AS-000700 - DOD root CA certificates must be installed in Tomcat trust store. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCWN-06-000001 - The system must prohibit password reuse for a minimum of five generations. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-06-000003 - The system must enforce a 60-day maximum password lifetime restriction. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-06-000004 - The system must terminate management sessions after 10 minutes of inactivity. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-06-000007 - The system must limit the effects of information-flooding types of Denial of Service (DoS) attacks. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-06-000009 - The system must use Active Directory authentication. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-06-000013 - The distributed port group Forged Transmits policy must be set to reject. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000017 - The system must not override port group settings at the port level on distributed switches. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000019 - All port groups must not be configured to VLAN 4095 unless Virtual Guest Tagging (VGT) is required. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000020 - All port groups must not be configured to VLAN values reserved by upstream physical switches. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000021 - The system must enable SSL for Network File Copy (NFC). | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000022 - The vCenter Server services must be ran using a service account instead of a built-in Windows account. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000023 - The system must ensure the vpxuser auto-password change meets policy. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000024 - The system must ensure the vpxuser password meets length policy. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000025 - The system must disable the managed object browser at all times, when not required for troubleshooting or maintenance. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000027 - The system must minimize access to the vCenter server. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000028 - Log files must be cleaned up after failed installations of the vCenter Server. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000032 - A least-privileges assignment must be used for the Update Manager database user. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000033 - A least-privileges assignment must be used for the vCenter Server database user. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000034 - The system must use unique service accounts when applications connect to vCenter. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000035 - vSphere Client plugins must be verified. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCWN-06-000036 - The system must produce audit records containing information to establish what type of events occurred. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VCWN-06-000039 - Passwords must be at least 15 characters in length. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCWN-06-000045 - The system must limit the maximum number of failed login attempts to three. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | ACCESS CONTROL |
| VCWN-06-000048 - The system must alert administrators on permission creation operations. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VCWN-06-000049 - The system must alert administrators on permission deletion operations. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VCWN-06-000050 - The system must alert administrators on permission update operations. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND INFORMATION INTEGRITY |
