| 3.092 - The system must generate an audit event when the audit log reaches a percentage of full threshold. | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| AIOS-14-008900 - Apple iOS/iPadOS must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-009000 - Apple iOS/iPadOS must implement the management setting: not allow automatic completion of Safari browser passcodes. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-009200 - Apple iOS/iPadOS must implement the management setting: not allow use of Handoff. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-010700 - Apple iOS/iPadOS must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-16-001000 - Apple iOS/iPadOS 16 must allow the Administrator (MDM) to perform the following management function: enable/disable VPN protection across the device and [selection: other methods] - MDM to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| ESXI5-VM-000050 - The system must use templates to deploy VMs whenever possible. | DISA STIG VMWare ESXi 5 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| GEN000452 - The system must display the date and time of the last successful account login upon login. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000510 - The system must display a publicly-viewable pattern during a graphical desktop environment session lock. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000850 - The system must restrict the ability to switch to the root user to members of a defined group. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/info/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/infopage/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/info' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/infopage' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001375 - For systems using DNS resolution, at least two name servers must be configured - first name server | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN001375 - For systems using DNS resolution, at least two name servers must be configured - second name server | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN001460 - All interactive user home directories defined in the /etc/passwd file must exist. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001490 - User home directories must not have extended ACLs. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001540 - All files and directories contained in interactive user home directories must be owned by the home directorys owner. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN001560 - All files and directories contained in user home directories must have mode 0750 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN002870 - The system must be configured to send audit/system records to a remote audit server - 'contains *.* @<server>' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.d/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.daily/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.monthly/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.weekly/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/var/spool/cron/*' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003521 - The kernel core dump data directory must be group-owned by root, bin, sys, or system. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003522 - The kernel core dump data directory must have mode 0700 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003523 - The kernel core dump data directory must not have an extended ACL. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003611 - The system must log martian packets - 'net.ipv4.conf.all.log_martians' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN003611 - The system must log martian packets - 'net.ipv4.conf.default.log_martians' | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT |
| GEN003620 - A separate file system must be used for user home directories (such as /home or an equivalent) - such as /home or equivalent. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003621 - The system must use a separate file system for /var. | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003624 - The system must use a separate file system for /tmp (or equivalent). | DISA STIG for Oracle Linux 5 v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003860 - The system must not have the finger service active. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN005760 - The Network File System (NFS) export configuration file must have mode 0644 or less permissive. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN006570 - The file integrity tool must be configured to verify ACLs. | DISA STIG for Oracle Linux 5 v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006571 - The file integrity tool must be configured to verify extended attributes. | DISA STIG for Oracle Linux 5 v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006575 - The file integrity tool must use FIPS 140-2 approved cryptographic hashes for validating file contents. | DISA STIG for Oracle Linux 5 v2r1 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| GEN006660 - Accounts must be locked upon 35 days of inactivity. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| MOTS-11-005200 - Motorola Solutions Android 11 must allow only the Administrator (EMM) to perform the following management function: Enable/disable location services. | AirWatch - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| MOTS-11-005200 - Motorola Solutions Android 11 must allow only the Administrator (EMM) to perform the following management function: Enable/disable location services. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| SOL-11.1-050410 - The GNOME service must display the DoD approved system use notification message or banner before granting access to the system. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL |
| SRG-OS-99999-ESXI5-000143 - The system must enable SSL for NFC. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000147 - The system must ensure uniqueness of CHAP authentication secrets. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000150 - SAN resources must be masked and zoned appropriately. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000151 - The system must prevent unintended use of dvfilter network APIs. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000154 - The system must use Active Directory for local user authentication for accounts other than root and the vpxuser. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| SRG-OS-99999-ESXI5-000155 - Active Directory ESX Admin group membership must be verified unused. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| WN19-00-000440 - The Windows Server 2019 time service must synchronize with an appropriate DOD time source. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | AUDIT AND ACCOUNTABILITY |
