| 1.1 APPL-14-000001 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.15 APPL-14-000033 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.22 APPL-14-000070 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.62 APPL-14-002006 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.64 APPL-14-002008 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 1.97 APPL-14-002090 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | ACCESS CONTROL |
| 5.3.26 Ensure RSA rhosts authentication is not allowed | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.5.1.7 Ensure password expiration is 60 Day maximum for new users | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.9 Ensure inactive password lock is 0 days | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| CASA-FW-000090 - The Cisco ASA must be configured to queue log records locally in the event that the central audit server is down or not reachable - Buffer Enabled | DISA STIG Cisco ASA FW v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-FW-000100 - The Cisco ASA must be configured to use TCP when sending log records to the central audit server - Logging Permit-hostdown | DISA STIG Cisco ASA FW v2r1 | Cisco | CONFIGURATION MANAGEMENT |
| CASA-FW-000130 - The Cisco ASA must be configured to disable or remove unnecessary network services and functions that are not used as part of its role in the architecture - HTTP | DISA STIG Cisco ASA FW v2r1 | Cisco | CONFIGURATION MANAGEMENT |
| CASA-FW-000130 - The Cisco ASA must be configured to disable or remove unnecessary network services and functions that are not used as part of its role in the architecture - Telnet | DISA STIG Cisco ASA FW v2r1 | Cisco | CONFIGURATION MANAGEMENT |
| CASA-FW-000170 - The Cisco ASA perimeter firewall must be configured to filter traffic destined to the enclave in accordance with the specific traffic that is approved and registered in the Ports, Protocols, and Services Management (PPSM) Category Assurance List (CAL) and vulnerability assessments - Interface | DISA STIG Cisco ASA FW v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000190 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to generate cryptographic hashes. | DISA STIG Cisco ASA VPN v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000200 - The Cisco ASA must be configured to use a FIPS-validated cryptographic module to implement IPsec encryption services. | DISA STIG Cisco ASA VPN v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CASA-VN-000300 - The Cisco ASA VPN gateway must be configured to restrict what traffic is transported via the IPsec tunnel according to flow control policies. | DISA STIG Cisco ASA VPN v2r2 | Cisco | ACCESS CONTROL |
| CASA-VN-000410 - The Cisco ASA remote access VPN server must be configured to identify and authenticate users before granting access to the network. | DISA STIG Cisco ASA VPN v2r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-232160 - RHEL 9 /etc/shadow- file must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-232180 - RHEL 9 /var/log/messages file must be owned by root. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-232245 - A sticky bit must be set on all RHEL 9 public directories. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-251020 - The RHEL 9 firewall must employ a deny-all, allow-by-exception policy for allowing connections to other systems. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-251030 - RHEL 9 must protect against or limit the effects of denial-of-service (DoS) attacks by ensuring rate-limiting measures on impacted network interfaces are implemented. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-252050 - RHEL 9 must be configured to prevent unrestricted mail relaying. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-252065 - RHEL 9 libreswan package must be installed. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-253045 - RHEL 9 must not forward IPv4 source-routed packets by default. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-253075 - RHEL 9 must not enable IPv4 packet forwarding unless the system is a router. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-254015 - RHEL 9 must ignore IPv6 Internet Control Message Protocol (ICMP) redirect messages. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255145 - RHEL 9 SSH daemon must not allow rhosts authentication. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255155 - RHEL 9 SSH daemon must disable remote X connections for interactive users. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255160 - RHEL 9 SSH daemon must perform strict mode checking of home directory configuration files. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-271075 - RHEL 9 must initiate a session lock for graphical user interfaces when the screensaver is activated. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-271080 - RHEL 9 must prevent a user from overriding the session lock-delay setting for the graphical user interface. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-271095 - RHEL 9 must disable the ability of a user to restart the system from the login screen. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-411070 - All RHEL 9 local interactive user home directories must be group-owned by the home directory owner's primary group. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-412045 - RHEL 9 must log username information when unsuccessful logon attempts occur. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-412055 - RHEL 9 must define default permissions for the bash shell. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-412060 - RHEL 9 must define default permissions for the c shell. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-431015 - RHEL 9 must enable the SELinux targeted policy. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-431020 - RHEL 9 must configure SELinux context type to allow the use of a nondefault faillock tally directory. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-431025 - RHEL 9 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-431030 - RHEL 9 policycoreutils-python-utils package must be installed. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-611105 - RHEL 9 must prevent the use of dictionary words for passwords. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-611195 - RHEL 9 must require authentication to access emergency mode. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| RHEL-09-653025 - RHEL 9 audit system must take appropriate action when the audit storage volume is full. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653055 - RHEL 9 audit system must take appropriate action when the audit files have reached maximum size. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653110 - RHEL 9 must allow only the information system security manager (ISSM) (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-653125 - RHEL 9 must have mail aliases to notify the information system security officer (ISSO) and system administrator (SA) (at a minimum) in the event of an audit processing failure. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-654185 - Successful/unsuccessful uses of the init command in RHEL 9 must generate an audit record. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | AUDIT AND ACCOUNTABILITY |
| SLES-12-010109 - The SUSE operating system must specify the default 'include' directory for the /etc/sudoers file - include directory for the /etc/sudoers file. | DISA SLES 12 STIG v3r4 | Unix | CONFIGURATION MANAGEMENT |
