ESXI-80-000202 - The ESXi host Secure Shell (SSH) daemon must not allow host-based authentication. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
ESXI-80-000209 - The ESXi host Secure Shell (SSH) daemon must not permit tunnels. | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
GOOG-15-006400 - Google Android 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | ACCESS CONTROL |
GOOG-15-006500 - Google Android 15 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-006700 - Google Android 15 allow list must be configured to not include applications with the following characteristics: | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-15-006700 - Google Android 15 allow list must be configured to not include applications with the following characteristics: | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
GOOG-15-007400 - Google Android 15 must be configured to disable developer modes. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-007400 - Google Android 15 must be configured to disable developer modes. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-007800 - Google Android 15 must be configured to generate audit records for the following auditable events: Detected integrity violations. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | AUDIT AND ACCOUNTABILITY |
GOOG-15-008400 - Google Android 15 must be configured to disable USB mass storage mode. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
GOOG-15-008600 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
GOOG-15-008600 - Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
GOOG-15-009900 - Google Android 15 must be configured to disable Wi-Fi Sharing. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-009950 - Google Android 15 must be configured to enforce a password for Wi-Fi and Bluetooth hotspot, if approved for use by the authorizing official (AO). If not approved for use, Wi-Fi and Bluetooth hotspot must be disabled. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-009950 - Google Android 15 must be configured to enforce a password for Wi-Fi and Bluetooth hotspot, if approved for use by the authorizing official (AO). If not approved for use, Wi-Fi and Bluetooth hotspot must be disabled. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-010100 - The Google Android 15 work profile must be configured to prevent users from adding personal email accounts to the work email app. | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-010300 - Google Android 15 must be provisioned as a fully managed device and configured to create a work profile. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-010400 - The Google Android 15 work profile must be configured to disable automatic completion of workspace internet browser text input. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-010400 - The Google Android 15 work profile must be configured to disable automatic completion of workspace internet browser text input. | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
GOOG-15-010400 - The Google Android 15 work profile must be configured to disable automatic completion of workspace internet browser text input. | AirWatch - DISA Google Android 15 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
RHEL-09-253045 - RHEL 9 must not forward IPv4 source-routed packets by default. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-253050 - RHEL 9 must use a reverse-path filter for IPv4 network traffic when possible by default. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-253055 - RHEL 9 must not respond to Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-254015 - RHEL 9 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-254025 - RHEL 9 must not enable IPv6 packet forwarding unless the system is a router. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-255155 - RHEL 9 SSH daemon must disable remote X connections for interactive users. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-255175 - RHEL 9 SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-411060 - All RHEL 9 local interactive users must have a home directory assigned in the /etc/passwd file. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-412070 - RHEL 9 must define default permissions for the system default profile. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-431020 - RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
RHEL-09-611030 - RHEL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | ACCESS CONTROL |
RHEL-09-611155 - RHEL 9 must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-652015 - RHEL 9 must have the packages required for encrypting offloaded audit logs installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
RHEL-09-652025 - RHEL 9 must be configured so that the rsyslog daemon does not accept log messages from other servers unless the server is being used for log aggregation. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
RHEL-09-653020 - RHEL 9 audit system must take appropriate action when an error writing to the audit storage volume occurs. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
RHEL-09-653110 - RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
RHEL-09-653115 - RHEL 9 /etc/audit/auditd.conf file must have 0640 or less permissive to prevent unauthorized access. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
RHEL-09-654190 - Successful/unsuccessful uses of the poweroff command in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
RHEL-09-654200 - Successful/unsuccessful uses of the shutdown command in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | AUDIT AND ACCOUNTABILITY |
SLES-12-010111 - The SUSE operating system must restrict privilege elevation to authorized personnel. | DISA SLES 12 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
WN22-00-000200 - Windows Server 2022 accounts must require passwords. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
WN22-00-000240 - Windows Server 2022 must have software certificate installation files removed. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-00-000350 - Windows Server 2022 must not have Simple TCP/IP Services installed. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-00-000400 - Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-00-000460 - Windows Server 2022 systems must have Unified Extensible Firmware Interface (UEFI) firmware and be configured to run in UEFI mode, not Legacy BIOS. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-AU-000170 - Windows Server 2022 must be configured to audit Logon/Logoff - Group Membership successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
WN22-CC-000100 - Windows Server 2022 must be configured to enable Remote host allows delegation of nonexportable credentials. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-CC-000110 - Windows Server 2022 virtualization-based security must be enabled with the platform security level configured to Secure Boot or Secure Boot with DMA Protection. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-CC-000290 - Windows Server 2022 System event log size must be configured to 32768 KB or greater. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |