| 2.2.2 Ensure X Window System is not installed | CIS Distribution Independent Linux Server L1 v2.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 8.3.1 Set 'Java permissions' to 'Enabled:Disable Java' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 8.9.1 Set 'Java permissions' to 'Enabled:Disable Java' | CIS IE 11 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 20.69 Ensure 'US DoD CCEB Interoperability Root CA cross-certificates' are installed in the 'Untrusted Certificates Store' on unclassified systems | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DISA_Microsoft_Exchange_2019_Edge_Server_STIG_v2r2.audit from DISA Microsoft Exchange 2019 Edge Server v2r2 STIG | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | |
| DISA_Red_Hat_Enterprise_Linux_9_STIG_v2r4.audit from DISA Red Hat Enterprise Linux 9 STIG v2r4 | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | |
| DISA_STIG_Apache_Server-2.4_Unix_v3r1_Middleware.audit from DISA Apache Server 2.4 UNIX Server v3r1 STIG | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | |
| DISA_STIG_Apache_Site-2.4_Unix_v2r4_Middleware.audit from DISA Apache Server 2.4 UNIX Site v2r4 STIG | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | |
| DISA_STIG_Apple_macOS_11_v1r5.audit from DISA Apple macOS 11 (Big Sur) v1r5 STIG | DISA STIG Apple macOS 11 v1r5 | Unix | |
| DISA_STIG_Apple_macOS_11_v1r8.audit from DISA Apple macOS 11 (Big Sur) v1r8 STIG | DISA STIG Apple macOS 11 v1r8 | Unix | |
| DISA_STIG_Apple_OS_X_10.15_v1r10.audit from DISA Apple OS X 10.15 (Catalina) v1r10 STIG | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | |
| DISA_STIG_Cisco_IOS_XE_Router_NDM_v3r2.audit from DISA Cisco IOS XE Router NDM v3r2 STIG | DISA STIG Cisco IOS XE Router NDM v3r2 | Cisco | |
| DISA_STIG_Cisco_IOS_XE_Switch_NDM_v3r2.audit from DISA Cisco IOS XE Switch NDM v3r2 STIG | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | |
| DISA_STIG_McAfee_VirusScan_8.8_Local_Client_v6r1.audit from DISA McAfee VirusScan 8.8 Local Client v6r1 STIG | DISA McAfee VirusScan 8.8 Local Client STIG v6r1 | Windows | |
| DISA_STIG_Microsoft_Exchange_2013_Mailbox_Server_v2r3.audit from DISA Microsoft Exchange 2013 Mailbox Server v2r3 STIG | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DISA_STIG_Microsoft_Exchange_2016_Mailbox_Server_v2r6.audit from DISA Microsoft Exchange 2016 Mailbox Server v2r6 STIG | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DISA_STIG_Microsoft_Skype_Business_2016_v1r1.audit from DISA STIG Microsoft Skype for Business 2016 v1r1 | DISA STIG Microsoft Skype for Business 2016 v1r1 | Windows | |
| DISA_STIG_RHEL_5_v1r18.audit from DISA Red Hat Enterprise Linux 5 STIG v1r18 | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | |
| DISA_STIG_VMware_vSphere_6.7_UI_Tomcat_v1r3.audit from DISA VMware vSphere 6.7 UI Tomcat v1r3 STIG | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | |
| JRE8-WN-000080 - Oracle JRE 8 must disable the dialog enabling users to grant permissions to execute signed content from an untrusted authority - deployment.security.askgrantdialog.notinca | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-WN-000090 - Oracle JRE 8 must lock the dialog enabling users to grant permissions to execute signed content from an untrusted authority - deployment.security.askgrantdialog.show | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-WN-000100 - Oracle JRE 8 must set the option to enable online certificate validation - deployment.security.validation.ocsp.locked | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| JRE8-WN-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-WN-000110 - Oracle JRE 8 must prevent the download of prohibited mobile code - deployment.security.blacklist.check.locked | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-WN-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-WN-000170 - Oracle JRE 8 must prompt the user for action prior to executing mobile code - deployment.insecure.jres.locked | DISA STIG Oracle JRE 8 Windows v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-000100 - The Samsung Android 7 with Knox must be configured to enforce a minimum password length of six characters. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| KNOX-07-000100 - The Samsung Android 7 with Knox must be configured to enforce a minimum password length of six characters. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - SSL Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | ACCESS CONTROL |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - Unsecure Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | ACCESS CONTROL |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - Unsecure Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | ACCESS CONTROL |
| WBLC-01-000009 - Oracle WebLogic must utilize cryptography to protect the confidentiality of remote access management sessions - Unsecure Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | ACCESS CONTROL |
| WBLC-01-000010 - Oracle WebLogic must use cryptography to protect the integrity of the remote access session - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | ACCESS CONTROL |
| WBLC-05-000172 - Oracle WebLogic, when utilizing PKI-based authentication, must validate certificates by constructing a certification path with status information to an accepted trust anchor - Secure Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000172 - Oracle WebLogic, when utilizing PKI-based authentication, must validate certificates by constructing a certification path with status information to an accepted trust anchor - Secure Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000172 - Oracle WebLogic, when utilizing PKI-based authentication, must validate certificates by constructing a certification path with status information to an accepted trust anchor - Unsecure Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-06-000190 - Oracle WebLogic must employ cryptographic encryption to protect the integrity and confidentiality of nonlocal maintenance and diagnostic communications - Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-06-000190 - Oracle WebLogic must employ cryptographic encryption to protect the integrity and confidentiality of nonlocal maintenance and diagnostic communications - Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-06-000190 - Oracle WebLogic must employ cryptographic encryption to protect the integrity and confidentiality of nonlocal maintenance and diagnostic communications - SSL Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-06-000190 - Oracle WebLogic must employ cryptographic encryption to protect the integrity and confidentiality of nonlocal maintenance and diagnostic communications - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-06-000191 - Oracle WebLogic must employ strong identification and authentication techniques when establishing nonlocal maintenance and diagnostic sessions - Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | MAINTENANCE |
| WBLC-06-000191 - Oracle WebLogic must employ strong identification and authentication techniques when establishing nonlocal maintenance and diagnostic sessions - Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | MAINTENANCE |
| WBLC-06-000191 - Oracle WebLogic must employ strong identification and authentication techniques when establishing nonlocal maintenance and diagnostic sessions - Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | MAINTENANCE |
| WBLC-06-000191 - Oracle WebLogic must employ strong identification and authentication techniques when establishing nonlocal maintenance and diagnostic sessions - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | MAINTENANCE |
| WBLC-06-000191 - Oracle WebLogic must employ strong identification and authentication techniques when establishing nonlocal maintenance and diagnostic sessions - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | MAINTENANCE |
| WBLC-08-000211 - Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system - Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000211 - Oracle WebLogic must establish a trusted communications path between the user and organization-defined security functions within the information system - SSL Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000239 - Oracle WebLogic must employ approved cryptographic mechanisms when transmitting sensitive data - Listen Port | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000239 - Oracle WebLogic must employ approved cryptographic mechanisms when transmitting sensitive data - Listen Port | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000239 - Oracle WebLogic must employ approved cryptographic mechanisms when transmitting sensitive data - Listen Port | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
