| 1.5.8 Ensure DNS is servers are configured | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 3.029 - Print driver installation privilege is not restricted to administrators. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.243 - Windows Installer - Vendor Signed Updates | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-18-010500 - Apple iOS/iPadOS 18 must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-010850 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of iPhone widgets on Mac. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-012400 - Apple iOS/iPadOS 18 must not allow unmanaged apps to read contacts from managed contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-016800 - Apple iOS/iPadOS 18 must disable AirPrint: Allow storage of AirPrint credentials in Keychain. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017000 - Apple iOS/iPadOS 18 must disable Allowed Content Ratings (Movies). | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017100 - Apple iOS/iPadOS 18 must disable Allowed Content Ratings (TV Shows). | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017200 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: Image Wand. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017300 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: Image Generation. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017400 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: generate new Genmoji. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-010600 - Apple iOS/iPadOS 26 must implement the management setting: not allow automatic completion of Safari browser passcodes. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-010850 - Apple iOS/iPadOS 26 must implement the management setting: not allow use of iPhone widgets on Mac. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-011800 - Apple iOS/iPadOS 26 must implement the management setting: force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-012300 - Apple iOS/iPadOS 26 must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-017300 - Apple iOS/iPadOS 26 must disable Apple Intelligence feature: Image Generation. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-26-017900 - DOD Apple iOS/iPadOS 26 devices must disable eSIM transfers. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | CONFIGURATION MANAGEMENT |
| CASA-VN-000010 - The Cisco ASA must be configured to generate log records containing information to establish what type of VPN events occurred. | DISA STIG Cisco ASA VPN v2r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-VN-000520 - The Cisco ASA remote access VPN server must be configured to generate log records containing information to establish the source of the events. | DISA STIG Cisco ASA VPN v2r2 | Cisco | AUDIT AND ACCOUNTABILITY |
| GEN000244 - The system must use time sources local to the enclave. | DISA AIX 5.3 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/info/*' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/infopage/*' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/man/*' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditmerge' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditselect' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditstream' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN002750 - The audit system must be configured to audit account creation - 'User audit class assignments should be reviewed' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN002751 - The audit system must be configured to audit account modification - 'User audit class assignments should be reviewed' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN002870 - The system must be configured to send audit records to a remote audit server - '/etc/syslog.conf has been configured' | DISA AIX 5.3 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003650 - All local file systems must employ journaling or another mechanism ensuring file system consistency. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN005524 - The SSH daemon must not permit GSSAPI authentication unless needed. | DISA AIX 5.3 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN005525 - The SSH client must not permit GSSAPI authentication unless needed. | DISA AIX 5.3 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN005526 - The SSH daemon must not permit Kerberos authentication unless needed. | DISA AIX 5.3 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN005770 - The NFS exports configuration file must not have an extended ACL. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| JUEX-L2-000250 - The Juniper EX switch must not have any access interfaces assigned to a VLAN configured as native for any trunked interface. | DISA Juniper EX Series Layer 2 Switch v2r4 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000150 - The Juniper multicast edge router must be configured to establish boundaries for administratively scoped multicast traffic. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000190 - The Juniper perimeter router must not be configured to redistribute static routes to an alternate gateway service provider into BGP or an IGP peering with the NIPRNet or to other autonomous systems. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000660 - The Juniper BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000670 - The Juniper PE router must be configured to implement Internet Group Management Protocol (IGMP) or Multicast Listener Discovery (MLD) snooping for each Virtual Private LAN Services (VPLS) bridge domain. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000890 - The Juniper MPLS router must be configured to use its loopback address as the source address for LDP peering sessions. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| WINCC-000147 - The touch keyboard or input panel must not highlight keys as passwords are entered. - PasswordSecurityState | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WINGE-000200 - A group must be defined on domain systems to include all local administrator accounts. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| WN25-CC-000260 - Windows Server 2025 Windows Update must not obtain updates from other PCs on the internet. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| WN25-SO-000370 - Windows Server 2025 default permissions of global system objects must be strengthened. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-11-006100 - Zebra Android 11 must be configured to generate audit records for the following auditable events: Detected integrity violations. | MobileIron - DISA Zebra Android 11 COBO STIG v1r4 | MDM | AUDIT AND ACCOUNTABILITY |
| ZEBR-11-011000 - Zebra Android 11 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Zebra Android 11 COBO STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-11-011100 - Zebra Android 11 devices must be configured to enable Common Criteria Mode (CC Mode). | MobileIron - DISA Zebra Android 11 COBO STIG v1r4 | MDM | CONFIGURATION MANAGEMENT |
