| 1.3.1 Ensure 'Enforce user logon restrictions' is set to 'Enabled' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 1.8.11 Ensure overriding the screensaver lock-delay setting is prevented | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.8.14 Ensure the screensaver idle-activation-enabled setting | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 2.3.7.3 (L1) Configure 'Interactive logon: Message text for users attempting to log on' | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.1 | Windows | ACCESS CONTROL |
| 2.3.7.4 (L1) Configure 'Interactive logon: Message text for users attempting to log on' | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL |
| 2.3.7.4 (L1) Configure 'Interactive logon: Message text for users attempting to log on' | CIS Microsoft Windows Server 2022 v4.0.0 L1 DC | Windows | ACCESS CONTROL |
| 2.3.7.4 Configure 'Interactive logon: Message text for users attempting to log on' | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL |
| 2.3.7.5 (L1) Configure 'Interactive logon: Message text for users attempting to log on' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' | CIS Microsoft Windows 10 EMS Gateway v3.0.0 L1 | Windows | ACCESS CONTROL |
| 2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' | CIS Microsoft Windows 11 Stand-alone v4.0.0 L1 | Windows | ACCESS CONTROL |
| 2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' | CIS Microsoft Windows 10 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL |
| 2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 BitLocker | Windows | ACCESS CONTROL |
| 2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL |
| 2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 BL | Windows | ACCESS CONTROL |
| 2.3.10.10 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L1 NG | Windows | ACCESS CONTROL |
| 7. OpenStack Identity - Policy.json - 'identity:get_endpoint' | TNS OpenStack Keystone/Identity Security Guide | Unix | ACCESS CONTROL |
| 7. OpenStack Networking - Policy.json - 'get_port:queue_id' | TNS OpenStack Neutron/Networking Security Guide | Unix | ACCESS CONTROL |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - AcroRd32.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - EXCEL.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - INFOPATH.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - java.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - javaw.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - LYNC.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - MSACCESS.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - MSPUB.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - OUTLOOK.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - PPTVIEW.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - VISIO.EXE | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.9.24.5 Ensure 'Default Protections for Recommended Software' is set to 'Enabled' - wordpad.exe | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 18.10.16.1 Ensure 'Download Mode' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 20.27 Ensure 'Event Viewer must be protected from unauthorized modification and deletion' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.27 Ensure 'Event Viewer must be protected from unauthorized modification and deletion' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| 20.30 Ensure 'FTP servers must be configured to prevent anonymous logons' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | CONFIGURATION MANAGEMENT |
| 20.34 Ensure 'Manually managed application account passwords are 14 characters in length' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 20.34 Ensure 'Manually managed application account passwords are 14 characters in length' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 20.34 Ensure 'Manually managed application account passwords are 14 characters in length' (STIG Only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 20.34 Ensure 'Manually managed application account passwords are 14 characters in length' (STIG Only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 49.20 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' | CIS Microsoft Intune for Windows 10 v4.0.0 L1 | Windows | ACCESS CONTROL |
| 49.20 (L1) Ensure 'Network access: Restrict clients allowed to make remote calls to SAM' is set to 'Administrators: Remote Access: Allow' | CIS Microsoft Intune for Windows 11 v4.0.0 L1 | Windows | ACCESS CONTROL |
| AADC-CL-000290 - Adobe Acrobat Pro DC Classic must be configured to block Flash Content. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| AADC-CL-000840 - Adobe Acrobat Pro DC Classic privileged file and folder locations must be disabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| AADC-CL-001010 - Adobe Acrobat Pro DC Classic Protected Mode must be enabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CL-001280 - Adobe Acrobat Pro DC Classic Default Handler changes must be disabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| AADC-CL-001290 - Adobe Acrobat Pro DC Classic Cloud Synchronization must be disabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | CONFIGURATION MANAGEMENT |
| JUSX-VN-000004 - The Juniper SRX Services Gateway VPN device also fulfills the role of IDPS in the architecture, the device must inspect the VPN traffic in compliance with DoD IDPS requirements. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | ACCESS CONTROL |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - LanManWorkstation | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - LanManWorkstation | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - mrxsmb10 | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000180 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client - mrxsmb10 | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
