| AIOS-18-003300 - Apple iOS/iPadOS 18 must not allow backup to remote systems (iCloud Keychain) - iCloud Keychain. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-011300 - Apple iOS/iPadOS 18 must implement the management setting: use SSL for Exchange ActiveSync. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-18-011400 - Apple iOS/iPadOS 18 must implement the management setting: not allow messages in an ActiveSync Exchange account to be forwarded or moved to other accounts in the Apple iOS/iPadOS 18 Mail app. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-18-012700 - Apple iOS/iPadOS 18 must disable 'Password AutoFill' in browsers and applications - Password AutoFill in browsers and applications. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DOD security requirements. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015000 - Apple iOS/iPadOS 18 must disable app installation from a website. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015400 - Apple iOS/iPadOS 18 must disable ChatGPT and other external AI app connections in Apple Intelligence. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-015500 - Apple iOS/iPadOS 18 must disable the download of iOS/iPadOS beta updates. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016000 - Apple iOS/iPadOS 18 must disable the ability of the user to wipe the device. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017800 - DOD Apple iOS/iPadOS 18 devices must disable FaceTime. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017900 - DOD Apple iOS/iPadOS 18 devices must disable eSIM transfers. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| OL09-00-000030 - OL 9 must require authentication to access single-user mode. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| OL09-00-000041 - OL 9 must be configured to disable the Controller Area Network (CAN) kernel module. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000043 - OL 9 must disable the Stream Control Transmission Protocol (SCTP) kernel module. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000140 - OL 9 must not have the quagga package installed. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000231 - OL 9 must use the invoking user's password for privilege escalation when using sudo. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000320 - OL 9 must have the USBGuard package installed. | DISA Oracle Linux 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-000430 - OL 9 must have the gnutls-utils package installed. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000730 - OL 9 must be configured so that successful/unsuccessful uses of the init command generate an audit record. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000765 - OL 9 audit system must take appropriate action when the audit storage volume is full. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000805 - OL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-001000 - OL 9 must ensure the password complexity module is enabled in the system-auth file. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-001125 - OL 9 must prevent the use of dictionary words for passwords. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002013 - OL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002072 - OL 9 must prevent code from being executed on file systems that contain user home directories. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002125 - OL 9 must prevent a user from overriding the session lock-delay setting for the graphical user interface. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| OL09-00-002128 - OL 9 must prevent a user from overriding the disable-restart-buttons setting for the graphical user interface. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002151 - OL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| UBTU-22-232010 - Ubuntu 22.04 LTS must have directories that contain system commands set to a mode of "755" or less permissive. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-232026 - Ubuntu 22.04 LTS must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-232027 - Ubuntu 22.04 LTS must generate system journal entries without revealing information that could be exploited by adversaries. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-232085 - Ubuntu 22.04 LTS must configure the directories used by the system journal to be group-owned by "systemd-journal". | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-232105 - Ubuntu 22.04 LTS must be configured so that the "journalctl" command is group-owned by "root". | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-232130 - Ubuntu 22.04 LTS must configure "/var/log/syslog" file to be owned by "syslog". | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-251025 - Ubuntu 22.04 LTS must configure the Uncomplicated Firewall (ufw) to rate-limit impacted network interfaces. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-251030 - Ubuntu 22.04 LTS must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-255035 - Ubuntu 22.04 LTS must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-271010 - Ubuntu 22.04 LTS must enable the graphical user logon banner to display the Standard Mandatory DOD Notice and Consent Banner before granting local access to the system via a graphical user logon. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | ACCESS CONTROL |
| UBTU-22-271015 - Ubuntu 22.04 LTS must display the Standard Mandatory DOD Notice and Consent Banner before granting local access to the system via a graphical user logon. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | ACCESS CONTROL |
| UBTU-22-653075 - Ubuntu 22.04 LTS must permit only authorized groups to own the audit configuration files. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654055 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful attempts to use the kmod command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654060 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful attempts to use modprobe command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654065 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the mount command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654070 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the newgrp command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654090 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the ssh-agent command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654105 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the sudo command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654120 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the unix_update command. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654190 - Ubuntu 22.04 LTS must generate audit records for all events that affect the systemd journal files. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-654200 - Ubuntu 22.04 LTS must generate audit records for the /var/log/wtmp file. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654225 - Ubuntu 22.04 LTS must generate audit records when successful/unsuccessful attempts to modify the /etc/sudoers.d directory occur. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
