| 1.3 APPL-14-000003 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.17 APPL-14-000052 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.18 APPL-14-000053 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.22 APPL-14-000070 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.62 APPL-14-002006 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.122 APPL-14-003013 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| 1.141 APPL-14-005050 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-006290 - AlmaLinux OS 9 must require a boot loader password. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | ACCESS CONTROL |
| ALMA-09-006400 - AlmaLinux OS 9 must require a unique superuser's name upon booting into single-user and maintenance modes. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | ACCESS CONTROL |
| ALMA-09-007830 - AlmaLinux OS 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/system-auth file. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | ACCESS CONTROL |
| ALMA-09-011570 - AlmaLinux OS 9 must disable core dump backtraces. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-011790 - AlmaLinux OS 9 cron configuration files directory must be group-owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-012120 - AlmaLinux OS 9 /etc/crontab file must have mode 0600. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-012450 - All AlmaLinux OS 9 local files and directories must have a valid group owner. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ALMA-09-012670 - AlmaLinux OS 9 /etc/group- file must be group owned by root. | DISA CloudLinux AlmaLinux OS 9 STIG v1r3 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-000765 - OL 9 audit system must take appropriate action when the audit storage volume is full. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-000805 - OL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-001000 - OL 9 must ensure the password complexity module is enabled in the system-auth file. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-001125 - OL 9 must prevent the use of dictionary words for passwords. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002013 - OL 9 must prevent files with the setuid and setgid bit set from being executed on file systems that are imported via Network File System (NFS). | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002072 - OL 9 must prevent code from being executed on file systems that contain user home directories. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002125 - OL 9 must prevent a user from overriding the session lock-delay setting for the graphical user interface. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| OL09-00-002128 - OL 9 must prevent a user from overriding the disable-restart-buttons setting for the graphical user interface. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002151 - OL 9 must display the Standard Mandatory DOD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| OL09-00-002383 - OL 9 must disable core dumps for all users. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002392 - OL 9 must disable the ability of systemd to spawn an interactive boot process. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002405 - OL 9 must have mail aliases to notify the information system security officer (ISSO) and system administrator (SA) (at a minimum) in the event of an audit processing failure. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-002410 - OL 9 must restrict usage of ptrace to descendant processes. | DISA Oracle Linux 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL09-00-002422 - OL 9 must implement nonexecutable data to protect its memory from unauthorized code execution. | DISA Oracle Linux 9 STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-002425 - OL 9 must be configured to prevent unrestricted mail relaying. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002427 - OL 9 must be configured so that local initialization files do not execute world-writable programs. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002429 - OL 9 must prevent system daemons from using Kerberos for authentication. | DISA Oracle Linux 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-002430 - OL 9 must enable hardening for the Berkeley Packet Filter (BPF) just-in-time compiler. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002501 - OL 9 must not have unauthorized accounts. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002503 - OL 9 SSH public host key files must have mode 0644 or less permissive. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002509 - OL 9 SSH server configuration file must have mode 0600 or less permissive. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002511 - OL 9 local files and directories must have a valid group owner. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002530 - OL 9 /boot/grub2/grub.cfg file must be group-owned by root. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002535 - OL 9 /etc/group- file must be owned by root. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002539 - OL 9 /etc/gshadow- file must be group-owned by root. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002555 - OL 9 /etc/shadow file must have mode 0000 to prevent unauthorized access. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002560 - OL 9 /var/log directory must be group-owned by root. | DISA Oracle Linux 9 STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL09-00-002570 - OL 9 audit tools must be group-owned by root. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| OL09-00-002582 - OL 9 cron configuration files directory must be owned by root. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-003012 - OL 9 must configure the use of the pam_faillock.so module in the /etc/pam.d/password-auth file. | DISA Oracle Linux 9 STIG v1r2 | Unix | ACCESS CONTROL |
| OL09-00-003070 - OL 9 must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006026 - OL 9 must not forward IPv4 source-routed packets by default. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006028 - OL 9 must not enable IPv4 packet forwarding unless the system is a router. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006033 - OL 9 must not allow interfaces to perform Internet Control Message Protocol (ICMP) redirects by default. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-006044 - OL 9 must not accept router advertisements on all IPv6 interfaces by default. | DISA Oracle Linux 9 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
