| 1.3.1 Ensure 'Enforce user logon restrictions' is set to 'Enabled' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 2.4.3 Ensure 'Minimum passcode length' is set to a value of '6' or greater | MobileIron - CIS Apple iPadOS 18 v1.0.0 L1 End User Owned | MDM | IDENTIFICATION AND AUTHENTICATION |
| 2.4.3 Ensure 'Minimum passcode length' is set to a value of '6' or greater | AirWatch - CIS Apple iOS 18 Benchmark v1.0.0 L1 End User Owned | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.4.3 Ensure 'Minimum passcode length' is set to a value of '6' or greater | AirWatch - CIS Apple iPadOS 18 v1.0.0 L1 Institutionally Owned | MDM | IDENTIFICATION AND AUTHENTICATION |
| 3.4.3 Ensure 'Minimum passcode length' is set to a value of '6' or greater | AirWatch - CIS Apple iOS 18 v1.0.0 L1 Institution Owned | MDM | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.2 Ensure minimum days between password changes is configured - /etc/login.defs | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 18.10.16.1 Ensure 'Download Mode' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 20.58 Ensure 'Shared user accounts do not exist' (STIG only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| AIOS-15-001000 - Apple iOS/iPadOS 15 must provide the capability for the Administrator (MDM) to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-003600 - Apple iOS/iPadOS 15 must not allow backup to remote systems (managed applications data stored in iCloud). | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-004900 - Apple iOS/iPadOS 15 must [selection: wipe protected data, wipe sensitive data] upon unenrollment from MDM. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT, MEDIA PROTECTION |
| AIOS-15-006700 - Apple iOS/iPadOS 15 must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-006800 - Apple iOS/iPadOS 15 must be configured to lock the display after 15 minutes (or less) of inactivity. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-007000 - Apple iOS/iPadOS 15 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DoD-approved commercial app repository, MDM server, mobile application store]. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-007000 - Apple iOS/iPadOS 15 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DoD-approved commercial app repository, MDM server, mobile application store]. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-007200 - Apple iOS/iPadOS 15 must not include applications with the following characteristics: access to Siri when the device is locked. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-007400 - Apple iOS/iPadOS 15 allowlist must be configured to not include applications with the following characteristics: - back up MD data to non-DoD cloud servers (including user and application access to cloud backup services);- transmit MD diagnostic data to non-DoD servers; - allows synchronization of data or applications between devices associated with user; and - allows unencrypted (or encrypted but not FIPS 140-2 validated) data sharing with other MDs or printers. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-007500 - Apple iOS/iPadOS 15 must be configured to not display notifications when the device is locked. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-009200 - Apple iOS/iPadOS 15 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-009800 - Apple iOS/iPadOS 15 must be configured to disable multiuser modes. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-15-009800 - Apple iOS/iPadOS 15 must be configured to disable multiuser modes. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AIOS-15-010200 - Apple iOS/iPadOS 15 must be configured to disable ad hoc wireless client-to-client connection capability. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-010200 - Apple iOS/iPadOS 15 must be configured to disable ad hoc wireless client-to-client connection capability. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-010700 - Apple iOS/iPadOS 15 must implement the management setting: Encrypt iTunes backups/Encrypt local backup. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-010800 - Apple iOS/iPadOS 15 must implement the management setting: not allow use of Handoff. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011000 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow MailDrop. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011000 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow MailDrop. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011100 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow Shared Albums. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011100 - Apple iOS/iPadOS 15 must implement the management setting: Disable Allow Shared Albums. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012200 - Apple iOS/iPadOS 15 must implement the management setting: enable USB Restricted Mode. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012300 - Apple iOS/iPadOS 15 must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012500 - Apple iOS/iPadOS 15 must implement the management setting: disable AirDrop. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012700 - Apple iOS/iPadOS 15 must disable Password AutoFill in browsers and applications. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012900 - Apple iOS/iPadOS 15 must disable password proximity requests. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013000 - Apple iOS/iPadOS 15 must disable password sharing. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013000 - Apple iOS/iPadOS 15 must disable password sharing. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013100 - Apple iOS/iPadOS 15 must disable Find My Friends in the Find My app. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013300 - Apple iOS/iPadOS 15 must disable 'Allow USB drive access in Files app' if the Authorizing Official (AO) has not approved the use of DoD-approved USB storage drives with iOS/iPadOS devices - Allow USB drive access in Files app if the Authorizing Official (AO) has not approved the use of DoD-approved USB storage drives with iOS/iPadOS | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013300 - Apple iOS/iPadOS 15 must disable 'Allow USB drive access in Files app' if the Authorizing Official (AO) has not approved the use of DoD-approved USB storage drives with iOS/iPadOS devices - Allow USB drive access in Files app if the Authorizing Official (AO) has not approved the use of DoD-approved USB storage drives with iOS/iPadOS devices. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-014300 - Apple iOS/iPadOS 15 must disable 'Allow network drive access in Files access' - Allow network drive access in Files access. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-014500 - Apple iOS/iPadOS 15 must disable connections to Siri servers for the purpose of translation. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| CIS_CentOS_6_v3.0.0_Server_L1.audit from CIS CentOS Linux 6 Benchmark v3.0.0 | CIS CentOS 6 Server L1 v3.0.0 | Unix | |
| SHPT-00-000600 - SharePoint managed service accounts must be set to enable automatic password change. | DISA STIG SharePoint 2010 v1r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| VMCH-06-000009 - The unexposed feature keyword isolation.tools.ghi.autologon.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000013 - The unexposed feature keyword isolation.tools.memSchedFakeSampleStats.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000016 - The unexposed feature keyword isolation.tools.dispTopoRequest.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000020 - The unexposed feature keyword isolation.tools.unityInterlockOperation.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000024 - The unexposed feature keyword isolation.tools.unity.windowContents.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000029 - The system must disconnect unauthorized CD/DVD devices. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000031 - The system must disconnect unauthorized serial devices. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
