| 6.2.2.14 Ensure the operating system encrypts audit records off-loaded onto a different system or media from the system being audited | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY |
| 6.3.2.3 Ensure system is disabled when audit logs are full | CIS Red Hat Enterprise Linux 8 STIG v2.0.0 L2 Server | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-15-000003 - The macOS system must enforce session lock no more than five seconds after screen saver is started. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | ACCESS CONTROL |
| APPL-15-000051 - The macOS system must configure SSHD ClientAliveInterval to 900. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-000052 - The macOS system must configure SSHD ClientAliveCountMax to 1. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-002004 - The macOS system must disable Location Services. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002012 - The macOS system must disable the iCloud Calendar services. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002037 - The macOS system must disable iCloud storage setup during Setup Assistant. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002041 - The macOS system must disable iCloud Document Sync. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002053 - The macOS system must disable the system settings pane for Siri. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002090 - The macOS system must disable TouchID for unlocking the device. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | ACCESS CONTROL |
| APPL-15-002100 - The macOS system must disable Media Sharing. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | ACCESS CONTROL |
| APPL-15-002260 - The macOS system must disable the Bluetooth System Settings pane. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-002270 - The macOS system must disable the iCloud Freeform services. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-005120 - The macOS system must enable Recovery Lock. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | CONFIGURATION MANAGEMENT |
| APPL-26-000003 - The macOS system must enforce session lock no more than five seconds after screen saver is started. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | ACCESS CONTROL |
| APPL-26-002003 - The macOS system must disable Network File System (NFS) service. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | ACCESS CONTROL |
| APPL-26-002017 - The macOS system must disable the camera. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| APPL-26-002036 - The macOS system must disable Privacy Setup services during Setup Assistant. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| APPL-26-002160 - The macOS system must disable iCloud Game Center. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| APPL-26-005050 - The macOS system must enable macOS Application Firewall. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| APPL-26-005054 - The macOS system must disable the TouchID prompt during Setup Assistant. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| Configuring an automatic logout for idle sessions - Console Sessions | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Overview of Appliance mode | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| PHTN-40-000004 - The Photon operating system must enforce the limit of three consecutive invalid logon attempts by a user during a 15-minute time period. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000186 - The Photon operating system must ensure audit events are flushed to disk at proper intervals. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000194 - The Photon operating system must audit logon attempts for unknown users. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000195 - The Photon operating system must include root when automatically locking an account until the locked account is released by an administrator when three unsuccessful logon attempts occur during a 15-minute time period. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-40-000203 - The Photon operating system must terminate idle Secure Shell (SSH) sessions. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-40-000206 - The Photon operating system must enforce a delay of at least four seconds between logon prompts following a failed logon attempt. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000212 - The Photon operating system must configure Secure Shell (SSH) to disable X11 forwarding. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000219 - The Photon operating system must configure Secure Shell (SSH) to limit the number of allowed login attempts per connection. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000221 - The Photon operating system must configure Secure Shell (SSH) to restrict LoginGraceTime. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000226 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000227 - The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000229 - The Photon operating system must use a reverse-path filter for IPv4 network traffic. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000231 - The Photon operating system must not perform IPv4 packet forwarding. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000233 - The Photon operating system must be configured to protect the Secure Shell (SSH) public host key from unauthorized modification. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-40-000246 - The Photon operating system must restrict core dumps. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| Unable to limit Configuration utility access to clients using only TLSv1.1 or TLSv1.2 | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| VCST-80-000005 The vCenter STS service cookies must have secure flag set. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | ACCESS CONTROL |
| VCST-80-000036 The vCenter STS service must disable stack tracing. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000037 The vCenter STS service must be configured to use a specified IP address and port. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000062 The vCenter STS service must be configured to fail to a known safe state if system initialization fails. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCST-80-000065 The vCenter STS service must set URIEncoding to UTF-8. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-80-000125 The vCenter UI service must limit the amount of time that each Transmission Control Protocol (TCP) connection is kept alive. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | ACCESS CONTROL |
| VCUI-80-000127 The vCenter UI service must configure the 'setCharacterEncodingFilter' filter. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-80-000139 The vCenter UI service must have Autodeploy disabled. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-80-000140 The vCenter UI service xpoweredBy attribute must be disabled. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-80-000155 The vCenter UI service host-manager webapp must be removed. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
