| 3.10 Ensure global .NET trust level is configured | CIS IIS 8.0 v1.5.1 Level 1 | Windows | ACCESS CONTROL |
| 3.10 Ensure global .NET trust level is configured - Applications | CIS IIS 7 L1 v1.8.0 | Windows | ACCESS CONTROL |
| 3.10 Ensure global .NET trust level is configured - Default | CIS IIS 7 L1 v1.8.0 | Windows | ACCESS CONTROL |
| 7.2 Ensure a Valid Trusted Certificate Is Installed | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure a Valid Trusted Certificate Is Installed | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure a Valid Trusted Certificate Is Installed | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7.2 Ensure a Valid Trusted Certificate Is Installed | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-W1-000720 - The Apache web server must not impede the ability to write specified log record content to an audit log server. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | AUDIT AND ACCOUNTABILITY |
| DISA_STIG_Microsoft_OneDrive_v2r3.audit from DISA Microsoft OneDrive v2r3 STIG | DISA STIG Microsoft OneDrive v2r3 | Windows | |
| DISA_STIG_Oracle_Database_11.2g_v2r5_OS_Windows.audit from DISA Oracle Database 11.2g v2r5 STIG | DISA STIG Oracle 11.2g v2r5 Windows | Windows | |
| DISA_STIG_SLES_12_v3r2.audit from DISA SLES 12 v3r2 STIG | DISA SLES 12 STIG v3r2 | Unix | |
| EX13-CA-000150 - Exchange OWA must use https - External | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000014 - The Photon operating system audit log must log space limit problems to syslog. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000021 - The Photon operating system must enforce password complexity by requiring that at least one uppercase character be used. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000023 - The Photon operating system must enforce password complexity by requiring that at least one numeric character be used. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000025 - The Photon operating system must store only encrypted representations of passwords. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000031 - The Photon operating system must require authentication upon booting into single-user and maintenance modes. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| PHTN-30-000033 - The Photon operating system must not have duplicate User IDs (UIDs). | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-30-000036 - The Photon operating system must use Transmission Control Protocol (TCP) syncookies. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000037 - The Photon operating system must configure sshd to disconnect idle Secure Shell (SSH) sessions. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000042 - The Photon operating system must audit all account modifications. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| PHTN-30-000043 - The Photon operating system must audit all account modifications. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| PHTN-30-000045 - The Photon operating system must audit all account removal actions. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | ACCESS CONTROL |
| PHTN-30-000048 - The Photon operating system must protect audit tools from unauthorized modification and deletion. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000055 - The Photon operating system must configure auditd to keep five rotated log files. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000061 - The Photon operating system YUM repository must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000067 - The Photon operating system must generate audit records when the sudo command is used. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-30-000074 - The Photon operating system must ensure audit events are flushed to disk at proper intervals. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000079 - The Photon operating system must configure sshd to disable environment processing. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000085 - The Photon operating system must configure sshd to display the last login immediately after authentication. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000086 - The Photon operating system must configure sshd to ignore user-specific trusted hosts lists. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000090 - The Photon operating system must be configured so the '/etc/skel' default scripts are protected from unauthorized modification. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000091 - The Photon operating system must be configured so the '/root' path is protected from unauthorized access. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000098 - The Photon operating system must not forward IPv4 or IPv6 source-routed packets. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000113 - The Photon operating system must protect all 'sysctl' configuration files from unauthorized access. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000240 - The Photon operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, generate cryptographic hashes, and protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-30-000245 - The Photon operating system must disable systemd fallback Domain Name System (DNS). | DISA STIG VMware vSphere 7.0 Photon OS v1r4 | Unix | CONFIGURATION MANAGEMENT |
| SHPT-00-000760 - SharePoint must implement security functions as largely independent modules to avoid unnecessary interactions between modules - No Applications assigned to Default App Pool | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SYMP-AG-000140 - Symantec ProxySG providing user access control intermediary services must generate audit records when successful/unsuccessful attempts to access web resources occur. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| VMCH-65-000029 - Unauthorized CD/DVD devices must be disconnected on the virtual machine. | DISA STIG VMware vSphere Virtual Machine 6.5 v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000008 - Unauthorized floppy devices must be disconnected on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000009 - Unauthorized CD/DVD devices must be disconnected on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000010 - Unauthorized parallel devices must be disconnected on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000019 - Access to virtual machines (VMs) through the 'dvfilter' network Application Programming Interface (API) must be controlled. | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000023 - All 3D features on the virtual machine (VM) must be disabled when not required. | DISA STIG VMware vSphere 7.0 Virtual Machine v1r4 | VMware | CONFIGURATION MANAGEMENT |
| WBLC-02-000099 - Oracle WebLogic must protect audit tools from unauthorized modification. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000099 - Oracle WebLogic must protect audit tools from unauthorized modification. | Oracle WebLogic Server 12c Windows v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000099 - Oracle WebLogic must protect audit tools from unauthorized modification. | Oracle WebLogic Server 12c Linux v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WG355 A22 - A private web server's list of CAs in a trust hierarchy must lead to an authorized DoD PKI Root CA. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG355 A22 - A private web server's list of CAs in a trust hierarchy must lead to an authorized DoD PKI Root CA. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
