| 1.3.4 Ensure 'Maximum lifetime for user ticket renewal' is set to '7 or fewer days' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | IDENTIFICATION AND AUTHENTICATION |
| 2.4.2 Ensure 'Require alphanumeric value' is set to 'Enabled' | MobileIron - CIS Apple iOS 17 v1.1.0 End User Owned L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.4.2 Ensure 'Require alphanumeric value' is set to 'Enabled' | MobileIron - CIS Apple iPadOS 17 Institutionally Owned L2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| 4.4 Ensure 'Find My iPhone/iPad' is set to 'Enabled' on end-user owned devices | MobileIron - CIS Apple iOS 14 and iPadOS 14 v1.0.0 End User Owned L1 | MDM | ACCESS CONTROL |
| 4.8 Ensure 'Find My iPhone/iPad' is set to 'Enabled' on end user-owned devices | AirWatch - CIS Apple iPadOS 17 v1.1.0 End User Owned L1 | MDM | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.4.7 Ensure minimum and maximum requirements are set for password changes - maxrepeat | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS' | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 20.68 Ensure 'Unified Extensible Firmware Interface (UEFI) firmware must be configured and run in UEFI mode, not Legacy BIOS' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | SYSTEM AND INFORMATION INTEGRITY |
| AIOS-02-080017 - Apple iOS must implement the management setting: Encrypt iTunes backups. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-010800 - Apple iOS must implement the management setting: Encrypt iTunes backups. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-12-010800 - Apple iOS must implement the management setting: Encrypt iTunes backups. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| Big Sur - Disable Handoff | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Handoff | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Handoff | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Enforce Apple Mobile File Integrity | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Apple Mobile File Integrity | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Enforce Apple Mobile File Integrity | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| CISC-L2-000120 - The Cisco switch must have Unknown Unicast Flood Blocking (UUFB) enabled. | DISA STIG Cisco IOS XE Switch L2S v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000025 - Exchange external Receive connectors must be domain secure-enabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | ACCESS CONTROL |
| EX13-EG-000030 - The Exchange email Diagnostic log level must be set to the lowest level. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-EG-000040 - Exchange Queue monitoring must be configured with threshold and action. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-EG-000045 - Exchange must not send Customer Experience reports to Microsoft. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | CONFIGURATION MANAGEMENT |
| EX13-EG-000050 - Exchange Audit data must be protected against unauthorized access (read access). | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-EG-000055 - Exchange Send Fatal Errors to Microsoft must be disabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | CONFIGURATION MANAGEMENT |
| EX13-EG-000060 - Exchange audit data must be protected against unauthorized access for modification. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-EG-000070 - Exchange audit data must be on separate partitions. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | AUDIT AND ACCOUNTABILITY |
| EX13-EG-000095 - Exchange Outbound Connection Timeout must be 10 minutes or less. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000125 - Exchange Send connectors delivery retries must be controlled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000160 - Exchange Message size restrictions must be controlled on Receive connectors. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000170 - Exchange messages with a blank sender field must be filtered. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000185 - Exchange nonexistent recipients must not be blocked. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000190 - The Exchange Sender Reputation filter must be enabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000195 - The Exchange Sender Reputation filter must identify the spam block level. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000200 - Exchange Attachment filtering must remove undesirable attachments by file type. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000205 - The Exchange Spam Evaluation filter must be enabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000235 - The Exchange Recipient filter must be enabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000245 - Exchange internal Receive connectors must not allow anonymous connections. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000270 - Exchange must have antispam filtering enabled - ContentFilterConfig | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000270 - Exchange must have antispam filtering enabled - SenderReputationConfig | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-000290 - The Exchange application directory must be protected from unauthorized access. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | CONFIGURATION MANAGEMENT |
| EX13-EG-000300 - Exchange software must be monitored for unauthorized changes. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | CONFIGURATION MANAGEMENT |
| EX13-EG-000310 - Exchange software must be installed on a separate partition from the OS. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000315 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000335 - Exchange internal Send connectors must use an authentication level. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000340 - Exchange internal Receive connectors must require encryption. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-EG-000350 - The version of Exchange running on the system must be a supported version. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-003010 - The applications built-in Malware Agent must be disabled. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX13-EG-003016 - A DoD-approved third party Exchange-aware malicious code protection application must be implemented. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Disable Handoff | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Handoff | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
