| 1.1.4 - AirWatch - Set Auto-lock - 'Inactivity Timeout <= 2' | AirWatch - CIS Apple iOS 9 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 1.1.4 - MobileIron - Set Auto-lock - 'Inactivity Timeout <= 2' | MobileIron - CIS Apple iOS 9 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 2.2.11 Ensure IMAP and POP3 server is not enabled | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 2.2.11 Ensure IMAP and POP3 server is not enabled | CIS SUSE Linux Enterprise Server 11 L1 v2.1.1 | Unix | CONFIGURATION MANAGEMENT |
| 4.1.8 Ensure login and logout events are collected - /var/log/faillog | CIS Aliyun Linux 2 L2 v1.0.0 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 5.2.2 Ensure SSH Protocol is set to 2 | CIS Aliyun Linux 2 L1 v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.2.2 Ensure SSH Protocol is set to 2 | CIS Ubuntu Linux 14.04 LTS Workstation L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 5.2.4 Ensure SSH Protocol is set to 2 | CIS Distribution Independent Linux Workstation L1 v2.0.0 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.3.4 Ensure SSH Protocol is set to 2 | CIS Ubuntu Linux 16.04 LTS Workstation L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 6.11 Ensure IMAP and POP server is not enabled | CIS Ubuntu 12.04 LTS Benchmark L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1.1 Enable cron Daemon - cron run level 2 | CIS Debian Linux 7 L1 v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| AS24-W1-000250 - The Apache web server must only contain services and functions necessary for operation - httpd-manual package | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | CONFIGURATION MANAGEMENT |
| AS24-W1-000250 - The Apache web server must only contain services and functions necessary for operation - SetHandler server-status | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | CONFIGURATION MANAGEMENT |
| Brocade - sequential characters must be set to 2 | Tenable Best Practices Brocade FabricOS | Brocade | IDENTIFICATION AND AUTHENTICATION |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - SMTP recipients | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTAVSEL-205 - A notification mechanism or process must be in place to notify Administrators of out of date DAT, detected malware and error codes - trojansAlert | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-000550 - RHEL 10 must use a separate file system for "/var". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-000560 - RHEL 10 must use a separate file system for "/var/log". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-200020 - RHEL 10 must not have the "telnet-server" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-200540 - RHEL 10 must have the "chrony" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-200542 - RHEL 10 must disable the chrony daemon from acting as a server. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-200602 - RHEL 10 must be configured to employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-200642 - RHEL 10 must be configured to forward audit records via Transmission Control Protocol (TCP) to a different system or media from the system being audited via rsyslog. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-200644 - RHEL 10 must authenticate the remote logging server for off-loading audit logs via "rsyslog". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-200648 - RHEL 10 must use cron logging. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-200692 - RHEL 10 must be configured to prevent unrestricted mail relaying. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-200700 - RHEL 10 must have the "cronie" package installed. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-10-300030 - RHEL 10 must be configured so that Secure Shell (SSH) clients use only DOD-approved encryption ciphers employing FIPS 140-3-validated cryptographic hash algorithms to protect the confidentiality of SSH client connections. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-300040 - RHEL 10 must be configured so that Secure Shell (SSH) servers use only DOD-approved encryption ciphers employing FIPS 140-3-validated cryptographic hash algorithms to protect the confidentiality of SSH server connections. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL, MAINTENANCE |
| RHEL-10-400005 - RHEL 10 must be configured so that the "/etc/group" file is group-owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400015 - RHEL 10 must be configured so that the "/etc/group-" file is group-owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400020 - RHEL 10 must be configured so that the "/etc/gshadow" file is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400030 - RHEL 10 must be configured so that the "/etc/gshadow-" file is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400065 - RHEL 10 must be configured so that the "/etc/shadow" file is group-owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400080 - RHEL 10 must be configured so that the "/var/log" directory is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-400140 - RHEL 10 must be configured so that world-writable directories are owned by root, sys, bin, or an application user. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-10-400155 - RHEL 10 must be configured so that the Secure Shell (SSH) server configuration file is owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400165 - RHEL 10 must enforce group ownership of audit logs by "root" or by a restricted logging group to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-400170 - RHEL 10 must enforce "root" ownership of the audit log directory to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-10-400190 - RHEL 10 must enforce the audit log directory to have a mode of "0750" or less permissive to prevent unauthorized read access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-400240 - RHEL 10 must enforce mode "0750" or less permissive for local interactive user home directories. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400260 - RHEL 10 must enforce mode "0000" or less permissive for the "/etc/gshadow-" file to prevent unauthorized access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400265 - RHEL 10 must enforce mode "0644" or less permissive for the "/etc/passwd" file to prevent unauthorized access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400275 - RHEL 10 must enforce mode "0000" or less permissive for "/etc/shadow-" file to prevent unauthorized access. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400305 - RHEL 10 must be configured so that audit tools are group-owned by "root". | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-10-400315 - RHEL 10 must define default permissions for the bash shell. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400330 - RHEL 10 must define default permissions for the system default profile. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-400340 - RHEL 10 must enforce mode "0600" or less permissive for Secure Shell (SSH) private host key files. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| RHEL-10-500015 - RHEL 10 must write audit records to disk. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| Word 2 and earlier binary documents and templates | MSCT Microsoft 365 Apps for Enterprise 2206 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
