| 5.5.1.2 Ensure minimum days between password changes is configured - /etc/login.defs | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.5.1.2 Ensure minimum days between password changes is configured - /etc/login.defs | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Workstation | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 5.5.1.2 Ensure minimum days between password changes is configured - /etc/shadow | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 L1 Server | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 18.10.16.1 Ensure 'Download Mode' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | RISK ASSESSMENT, SYSTEM AND INFORMATION INTEGRITY |
| 20.57 Ensure 'Server Message Block (SMB) v1 protocol must not be installed' | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | CONFIGURATION MANAGEMENT |
| ESXI-06-000011 - The SSH daemon must be configured to use only the SSHv2 protocol. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | ACCESS CONTROL |
| ESXI-06-000012 - The SSH daemon must ignore .rhosts files. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ESXI-06-000013 - The SSH daemon must not allow host-based authentication. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000014 - The SSH daemon must not permit root logins. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000016 - The SSH daemon must not permit user environment settings. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000018 - The SSH daemon must not permit GSSAPI authentication. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000019 - The SSH daemon must not permit Kerberos authentication. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000020 - The SSH daemon must perform strict mode checking of home directory configuration files. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000022 - The SSH daemon must be configured to not allow gateway ports. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000023 - The SSH daemon must be configured to not allow X11 forwarding. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000024 - The SSH daemon must not accept environment variables from the client. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000026 - The SSH daemon must set a timeout count on idle sessions. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000027 - The SSH daemon must set a timeout interval on idle sessions. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000028 - The SSH daemon must limit connections to a single session. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000044 - The system must enable kernel core dumps. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000047 - The Image Profile and VIB Acceptance Levels must be verified. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000056 - The system must configure the firewall to restrict access to services running on the host. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-100010 - The SSH daemon must be configured to only use FIPS 140-2 approved ciphers. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-200047 - The VMM must implement cryptographic mechanisms to prevent unauthorized modification of all information at rest on all VMM components by verifying Image Profile and VIP Acceptance Levels. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Limits print driver installation to Administrators | MSCT Windows Server 2022 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| SHPT-00-000760 - SharePoint must implement security functions as largely independent modules to avoid unnecessary interactions between modules - Central Administration is a separate App Pool | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| SHPT-00-000760 - SharePoint must implement security functions as largely independent modules to avoid unnecessary interactions between modules - Internet & Extranet assigned to diff App Pools | DISA STIG SharePoint 2010 v1r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000014 - vSphere Client must have mappings set for Java servlet pages. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VMCH-06-000002 - The system must explicitly disable drag and drop operations. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000004 - The system must explicitly disable paste operations. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000009 - The unexposed feature keyword isolation.tools.ghi.autologon.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000013 - The unexposed feature keyword isolation.tools.memSchedFakeSampleStats.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000016 - The unexposed feature keyword isolation.tools.dispTopoRequest.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000018 - The unexposed feature keyword isolation.tools.ghi.trayicon.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000019 - The unexposed feature keyword isolation.tools.unity.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000020 - The unexposed feature keyword isolation.tools.unityInterlockOperation.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000022 - The unexposed feature keyword isolation.tools.unity.taskbar.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000023 - The unexposed feature keyword isolation.tools.unityActive.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000024 - The unexposed feature keyword isolation.tools.unity.windowContents.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000025 - The unexposed feature keyword isolation.tools.vmxDnDVersionGet.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000026 - The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000029 - The system must disconnect unauthorized CD/DVD devices. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000031 - The system must disconnect unauthorized serial devices. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000034 - The system must disable console access through the VNC protocol. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000037 - The system must prevent unauthorized removal, connection and modification of devices. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000038 - The system must prevent unauthorized removal, connection and modification of devices. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| WA000-WI6040 IIS6 - A unique non-privileged account must be used to run Worker Process Identities. - 'AppPoolIdentityType = 3 - WAMUserName' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WG610 W22 - Web sites must utilize ports, protocols, and services according to PPSM guidelines. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| WNDF-AV-000040 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level High - Enabled | DISA STIG Microsoft Defender Antivirus v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNDF-AV-000041 - Microsoft Defender AV must be configured for automatic remediation action to be taken for threat alert level Medium - 2>2 | DISA STIG Microsoft Defender Antivirus v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
