| 4.012 - Minimum password age does not meet minimum requirements. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.013 - For systems utilizing a logon ID as the individual identifier, passwords must be a minimum of 14 characters in length. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTAVSEL-007 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to find potentially unwanted programs. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-009 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to scan files when being read from disk. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-011 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner maximum scan time must not be less than 45 seconds - scanMaxTmo | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-018 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to allow access to files if scanning times out. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-019 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be enabled to scan mounted volumes when mounted volumes point to a network server without an anti-virus solution installed. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-106 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Clean infected files automatically as first action when a virus or Trojan is detected. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-111 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Demand scanner must be configured to Move infected files to the quarantine directory if first action fails when programs and jokes are found. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-000500 - MariaDB must provide audit record generation capability for DoD-defined auditable events within all DBMS/database components. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-002300 - MariaDB must protect its audit features from unauthorized access. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-002500 - MariaDB must protect its audit features from unauthorized removal. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-003500 - MariaDB must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MADB-10-005100 - In the event of a system failure, MariaDB must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-005900 - MariaDB and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-006200 - MariaDB must automatically terminate a user's session after organization-defined conditions or trigger events requiring session disconnect. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | ACCESS CONTROL |
| MADB-10-009700 - MariaDB must generate audit records when unsuccessful attempts to access categories of information (e.g., classification levels/security levels) occur. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010100 - MariaDB must generate audit records when unsuccessful attempts to modify privileges/permissions occur. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-010200 - MariaDB must generate audit records when security objects are modified. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-011100 - MariaDB must generate audit records when unsuccessful attempts to delete categories of information (e.g., classification levels/security levels) occur. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-011400 - MariaDB must generate audit records for all privileged activities or other system-level access. | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-012000 - MariaDB must generate audit records for all direct access to the database(s). | DISA MariaDB Enterprise 10.x v2r4 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | DISA MariaDB Enterprise 10.x v2r4 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012300 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to protect unclassified information requiring confidentiality and cryptographic protection, in accordance with the data owners requirements. | DISA MariaDB Enterprise 10.x v2r4 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 18' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 173' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 175' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012100 - SQL Server must produce audit records containing sufficient information to establish the sources (origins) of the events - 'Event ID 177' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012200 - SQL Server must produce audit records containing sufficient information to establish the outcome (success or failure) of the events - 'Event ID 15' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012200 - SQL Server must produce audit records containing sufficient information to establish the outcome (success or failure) of the events - 'Event ID 18' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012200 - SQL Server must produce audit records containing sufficient information to establish the outcome (success or failure) of the events - 'Event ID 108' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012200 - SQL Server must produce audit records containing sufficient information to establish the outcome (success or failure) of the events - 'Event ID 116' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012200 - SQL Server must produce audit records containing sufficient information to establish the outcome (success or failure) of the events - 'Event ID 152' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012200 - SQL Server must produce audit records containing sufficient information to establish the outcome (success or failure) of the events - 'Event ID 173' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 104' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 106' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 113' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 115' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 118' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 128' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 133' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 134' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 153' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 175' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012300 - SQL Server must produce audit records containing sufficient information to establish the identity of any user/subject associated with the event - 'Event ID 177' | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SQL2-00-016200 - SQL Server must have the publicly available NorthWind sample database removed. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-017800 - SQL Server backup procedures must be defined, documented, and implemented. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONTINGENCY PLANNING |
| SQL2-00-020000 - SQL Server must protect the integrity of publicly available information and SQL Servers configuration from unauthorized Securables access. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-020200 - SQL Server must protect the integrity of publicly available information and SQL Servers configuration from unauthorized User Mapping access. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL2-00-020300 - SQL Server must protect the integrity of publicly available information and SQL Servers configuration from unauthorized Server Roles access. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | CONFIGURATION MANAGEMENT |
