Item Search

NameAudit NamePluginCategory
DTOO265 - Outlook - Warning about invalid signatures must be enforced.DISA STIG Office 2010 Outlook v1r14Windows

IDENTIFICATION AND AUTHENTICATION

ESXI-70-000005 - The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user.DISA STIG VMware vSphere 7.0 ESXi v1r4VMware

ACCESS CONTROL

ESXI-70-000020 - The ESXi host Secure Shell (SSH) daemon must perform strict mode checking of home directory configuration files.DISA STIG VMware vSphere 7.0 ESXi OS v1r4Unix

CONFIGURATION MANAGEMENT

ESXI-70-000039 - Active Directory ESX Admin group membership must not be used when adding ESXi hosts to Active Directory.DISA STIG VMware vSphere 7.0 ESXi v1r4VMware

IDENTIFICATION AND AUTHENTICATION

ESXI-70-000042 - The ESXi host must terminate shell services after 10 minutes.DISA STIG VMware vSphere 7.0 ESXi v1r4VMware

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-70-000043 - The ESXi host must log out of the console UI after two minutes.DISA STIG VMware vSphere 7.0 ESXi v1r4VMware

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-70-000050 - The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.DISA STIG VMware vSphere 7.0 ESXi v1r4VMware

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-70-000056 - The ESXi host must configure the firewall to restrict access to services running on the host.DISA STIG VMware vSphere 7.0 ESXi OS v1r4Unix

CONFIGURATION MANAGEMENT

ESXI-70-000057 - The ESXi host must configure the firewall to block network traffic by default - outgoingDISA STIG VMware vSphere 7.0 ESXi v1r4VMware

CONFIGURATION MANAGEMENT

ESXI-70-000061 - All port groups on standard switches must be configured to reject guest promiscuous mode requests.DISA STIG VMware vSphere 7.0 ESXi v1r4VMware

CONFIGURATION MANAGEMENT

ESXI-70-000062 - Use of the dvFilter network application programming interfaces (APIs) must be restricted.DISA STIG VMware vSphere 7.0 ESXi v1r4VMware

CONFIGURATION MANAGEMENT

ESXI-70-000084 - The ESXi host must enable audit logging.DISA STIG VMware vSphere 7.0 ESXi OS v1r4Unix

CONFIGURATION MANAGEMENT

ESXI-70-000091 - The ESXi host must be configured with an appropriate maximum password age.DISA STIG VMware vSphere 7.0 ESXi v1r4VMware

CONFIGURATION MANAGEMENT

ESXI-70-000097 - The ESXi Common Information Model (CIM) service must be disabled.DISA STIG VMware vSphere 7.0 ESXi v1r4VMware

CONFIGURATION MANAGEMENT

ESXI-80-000111 - The ESXi host must enforce an unlock timeout of 15 minutes after a user account is locked out.DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

ACCESS CONTROL

ESXI-80-000196 - The ESXi host must set a timeout to automatically end idle DCUI sessions after 10 minutes.DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-80-000199 - The ESXi host must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic.DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

SYSTEM AND COMMUNICATIONS PROTECTION

ESXI-80-000201 - The ESXi host lockdown mode exception users list must be verified.DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

CONFIGURATION MANAGEMENT

ESXI-80-000216 - The ESXi host must configure virtual switch security policies to reject forged transmits.DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

CONFIGURATION MANAGEMENT

ESXI-80-000218 - The ESXi host must configure virtual switch security policies to reject promiscuous mode requests.DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

CONFIGURATION MANAGEMENT

ESXI-80-000219 - The ESXi host must restrict use of the dvFilter network application programming interface (API).DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

CONFIGURATION MANAGEMENT

ESXI-80-000227 - The ESXi host must be configured with an appropriate maximum password age.DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

CONFIGURATION MANAGEMENT

ESXI-80-000232 - The ESXi host must enable audit logging.DISA VMware vSphere 8.0 ESXi STIG v2r3VMware

CONFIGURATION MANAGEMENT

UBTU-20-010002 - The Ubuntu operating system must enable the graphical user logon banner to display the Standard Mandatory DoD Notice and Consent Banner before granting local access to the system via a graphical user logon.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

ACCESS CONTROL

UBTU-20-010057 - The Ubuntu operating system must be configured so that when passwords are changed or new passwords are established, pwquality must be used.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

CONFIGURATION MANAGEMENT

UBTU-20-010133 - The Ubuntu operating system must be configured so that audit configuration files are not write-accessible by unauthorized users.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010135 - The Ubuntu operating system must permit only authorized groups to own the audit configuration files.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010137 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chfn command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010139 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the umount command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010141 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-keysign command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010142 - The Ubuntu operating system must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010152 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chmod, fchmod, and fchmodat system calls.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010167 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the setfacl command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010169 - The Ubuntu operating system must generate audit records for the use and modification of the tallylog file.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010170 - The Ubuntu operating system must generate audit records for the use and modification of faillog file.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010171 - The Ubuntu operating system must generate audit records for the use and modification of the lastlog file.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010175 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the chage command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010279 - The Ubuntu operating system must generate audit records for the /var/log/btmp file.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

UBTU-20-010296 - The Ubuntu operating system must generate audit records when successful/unsuccessful attempts to use modprobe command.DISA Canonical Ubuntu 20.04 LTS STIG v2r2Unix

AUDIT AND ACCOUNTABILITY

WN22-CC-000330 - Windows Server 2022 File Explorer shell protocol must run in protected mode.DISA Microsoft Windows Server 2022 STIG v2r4Windows

CONFIGURATION MANAGEMENT

WN22-CC-000350 - Windows Server 2022 Remote Desktop Services must prevent drive redirection.DISA Microsoft Windows Server 2022 STIG v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN22-DC-000340 - Windows Server 2022 Access this computer from the network user right must only be assigned to the Administrators, Authenticated Users, and Enterprise Domain Controllers groups on domain controllers.DISA Microsoft Windows Server 2022 STIG v2r4Windows

ACCESS CONTROL

WN22-DC-000360 - Windows Server 2022 Allow log on through Remote Desktop Services user right must only be assigned to the Administrators group on domain controllers.DISA Microsoft Windows Server 2022 STIG v2r4Windows

ACCESS CONTROL

WN22-DC-000370 - Windows Server 2022 Deny access to this computer from the network user right on domain controllers must be configured to prevent unauthenticated access.DISA Microsoft Windows Server 2022 STIG v2r4Windows

ACCESS CONTROL

WN22-DC-000400 - Windows Server 2022 Deny log on locally user right on domain controllers must be configured to prevent unauthenticated access.DISA Microsoft Windows Server 2022 STIG v2r4Windows

ACCESS CONTROL

WN22-MS-000030 - Windows Server 2022 local users on domain-joined member servers must not be enumerated.DISA Microsoft Windows Server 2022 STIG v2r4Windows

CONFIGURATION MANAGEMENT

WN22-MS-000080 - Windows Server 2022 Deny access to this computer from the network user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts and local accounts and from unauthenticated access on all systems.DISA Microsoft Windows Server 2022 STIG v2r4Windows

ACCESS CONTROL

WN22-SO-000010 - Windows Server 2022 must have the built-in guest account disabled.DISA Microsoft Windows Server 2022 STIG v2r4Windows

IDENTIFICATION AND AUTHENTICATION

WN22-SO-000380 - Windows Server 2022 User Account Control (UAC) approval mode for the built-in Administrator must be enabled.DISA Microsoft Windows Server 2022 STIG v2r4Windows

IDENTIFICATION AND AUTHENTICATION

WN22-SO-000450 - Windows Server 2022 User Account Control (UAC) must virtualize file and registry write failures to per-user locations.DISA Microsoft Windows Server 2022 STIG v2r4Windows

SYSTEM AND COMMUNICATIONS PROTECTION