AIOS-18-006800 - Apple iOS/iPadOS 18 must be configured to lock the display after 15 minutes (or less) of inactivity. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | ACCESS CONTROL |
AIOS-18-007400 - The Apple iOS/iPadOS 18 allow list must be configured to not include applications with the following characteristics: - Backs up MD data to non-DOD cloud servers (including user and application access to cloud backup services); - Transmits MD diagnostic data to non-DOD servers; - Allows synchronization of data or applications between devices associated with user; - Allows unencrypted (or encrypted but not FIPS 140-3 validated) data sharing with other MDs or printers; - Backs up its own data to a remote system; and - Uses artificial intelligence (AI), which processes data in the cloud (off device). Exception: Apple Intelligence Private Cloud Compute (PCC) - allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | IDENTIFICATION AND AUTHENTICATION |
AIOS-18-009200 - Apple iOS/iPadOS 18 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
AIOS-18-010700 - Apple iOS/iPadOS 18 must implement the management setting: encrypt backups/Encrypt local backup. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
AIOS-18-012000 - A managed photo app must be used to take and store work-related photos. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
AIOS-18-012500 - Apple iOS/iPadOS 18 must implement the management setting: disable AirDrop. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
AIOS-18-012600 - Apple iOS/iPadOS 18 must implement the management setting: disable paired Apple Watch. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
AIOS-18-012800 - Apple iOS/iPadOS 18 must disable 'Allow setting up new nearby devices'. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
AIOS-18-013200 - The Apple iOS/iPadOS 18 must be supervised by the MDM. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
CNTR-K8-000270 - The Kubernetes API Server must enable Node,RBAC as the authorization mode. | DISA STIG Kubernetes v2r3 | Unix | ACCESS CONTROL |
CNTR-K8-000300 - The Kubernetes Scheduler must have secure binding. | DISA STIG Kubernetes v2r3 | Unix | ACCESS CONTROL |
CNTR-K8-000450 - Kubernetes DynamicAuditing must not be enabled - manifest | DISA STIG Kubernetes v2r3 | Unix | ACCESS CONTROL |
CNTR-K8-000460 - Kubernetes DynamicKubeletConfig must not be enabled - kubelet | DISA STIG Kubernetes v2r3 | Unix | ACCESS CONTROL |
CNTR-K8-001300 - Kubernetes Kubelet must not disable timeouts. | DISA STIG Kubernetes v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CNTR-K8-001360 - Kubernetes must separate user functionality. | DISA STIG Kubernetes v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CNTR-K8-001430 - Kubernetes Controller Manager must have the SSL Certificate Authority set. | DISA STIG Kubernetes v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CNTR-K8-001440 - Kubernetes API Server must have a certificate for communication. | DISA STIG Kubernetes v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CNTR-K8-001470 - Kubernetes Kubelet must enable tlsCertFile for client authentication to secure service. | DISA STIG Kubernetes v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CNTR-K8-001490 - Kubernetes etcd must have a key file for secure communication. | DISA STIG Kubernetes v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CNTR-K8-001500 - Kubernetes etcd must have a certificate for communication. | DISA STIG Kubernetes v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CNTR-K8-001510 - Kubernetes etcd must have the SSL Certificate Authority set. | DISA STIG Kubernetes v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CNTR-K8-001540 - Kubernetes etcd must have peer-cert-file set for secure communication. | DISA STIG Kubernetes v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
CNTR-K8-003120 - The Kubernetes component etcd must be owned by etcd. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
CNTR-K8-003140 - The Kubernetes Kube Proxy kubeconfig must have file permissions set to 644 or more restrictive. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
CNTR-K8-003170 - The Kubernetes Kubelet certificate authority must be owned by root. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
CNTR-K8-003300 - The Kubernetes API Server must be set to audit log maximum backup. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
CNTR-K8-003330 - The Kubernetes PKI CRT must have file permissions set to 644 or more restrictive. | DISA STIG Kubernetes v2r3 | Unix | CONFIGURATION MANAGEMENT |
JUEX-NM-000150 - The Juniper EX switch must be configured to produce audit log records containing information to establish the source of events. | DISA Juniper EX Series Network Device Management v2r3 | Juniper | AUDIT AND ACCOUNTABILITY |
JUEX-NM-000190 - The Juniper EX switch must be configured to protect audit information from unauthorized modification. | DISA Juniper EX Series Network Device Management v2r3 | Juniper | AUDIT AND ACCOUNTABILITY |
JUEX-NM-000210 - The Juniper EX switch must be configured to protect audit tools from unauthorized access. | DISA Juniper EX Series Network Device Management v2r3 | Juniper | AUDIT AND ACCOUNTABILITY |
JUEX-NM-000440 - The Juniper EX switch must be configured to record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA Juniper EX Series Network Device Management v2r3 | Juniper | AUDIT AND ACCOUNTABILITY |
WN22-00-000200 - Windows Server 2022 accounts must require passwords. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
WN22-00-000240 - Windows Server 2022 must have software certificate installation files removed. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-00-000350 - Windows Server 2022 must not have Simple TCP/IP Services installed. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-00-000460 - Windows Server 2022 systems must have Unified Extensible Firmware Interface (UEFI) firmware and be configured to run in UEFI mode, not Legacy BIOS. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-AU-000170 - Windows Server 2022 must be configured to audit Logon/Logoff - Group Membership successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
WN22-CC-000100 - Windows Server 2022 must be configured to enable Remote host allows delegation of nonexportable credentials. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-CC-000110 - Windows Server 2022 virtualization-based security must be enabled with the platform security level configured to Secure Boot or Secure Boot with DMA Protection. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-CC-000290 - Windows Server 2022 System event log size must be configured to 32768 KB or greater. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
WN22-CC-000330 - Windows Server 2022 File Explorer shell protocol must run in protected mode. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-CC-000350 - Windows Server 2022 Remote Desktop Services must prevent drive redirection. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WN22-DC-000340 - Windows Server 2022 Access this computer from the network user right must only be assigned to the Administrators, Authenticated Users, and Enterprise Domain Controllers groups on domain controllers. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
WN22-DC-000360 - Windows Server 2022 Allow log on through Remote Desktop Services user right must only be assigned to the Administrators group on domain controllers. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
WN22-DC-000370 - Windows Server 2022 Deny access to this computer from the network user right on domain controllers must be configured to prevent unauthenticated access. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
WN22-DC-000400 - Windows Server 2022 Deny log on locally user right on domain controllers must be configured to prevent unauthenticated access. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
WN22-MS-000030 - Windows Server 2022 local users on domain-joined member servers must not be enumerated. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
WN22-MS-000080 - Windows Server 2022 Deny access to this computer from the network user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts and local accounts and from unauthenticated access on all systems. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
WN22-SO-000010 - Windows Server 2022 must have the built-in guest account disabled. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
WN22-SO-000380 - Windows Server 2022 User Account Control (UAC) approval mode for the built-in Administrator must be enabled. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
WN22-SO-000450 - Windows Server 2022 User Account Control (UAC) must virtualize file and registry write failures to per-user locations. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |