| 1.001 - Physical security of the Automated Information System (AIS) does not meet DISA requirements. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 1.013 - System information backups are not created, updated, and protected according to DISA requirements. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 2.1 (L1) Ensure NTP time synchronization is configured properly | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 2.1.6 Ensure the latest firmware is installed | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | SECURITY ASSESSMENT AND AUTHORIZATION, RISK ASSESSMENT |
| 2.1.11 Ensure CDN is enabled for improved GUI performance | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | CONFIGURATION MANAGEMENT |
| 2.2.28 Ensure 'Log on as a batch job' is set to 'Administrators' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | ACCESS CONTROL |
| 2.2.28 Ensure 'Log on as a batch job' is set to 'Administrators' | CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0 | Windows | ACCESS CONTROL |
| 2.5.1 Ensure High Availability configuration is enabled | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| 3.3 (L1) Ensure remote logging is configured for ESXi hosts | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | AUDIT AND ACCOUNTABILITY |
| 4.1.1 Detect Botnet connections | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| 4.2.1 Ensure Antivirus Definition Push Updates are Configured | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| 4.7 (L1) Ensure only authorized users and groups belong to the esxAdminsGroup group | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | ACCESS CONTROL |
| 5.2.1.1 Ensure Security Fabric is Configured | CIS Fortigate 7.0.x v1.3.0 L2 | FortiGate | CONFIGURATION MANAGEMENT |
| 5.4 (L1) Ensure CIM access is limited | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 5.5 (L1) Ensure Normal Lockdown mode is enabled | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | ACCESS CONTROL |
| 7.2.1 Encrypt Log Transmission to FortiAnalyzer / FortiManager | CIS Fortigate 7.0.x v1.3.0 L1 | FortiGate | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 8.2.2 (L2) Ensure unnecessary CD/DVD devices are disconnected | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.2.8 (L1) Ensure PCI and PCIe device passthrough is disabled | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.3 Block Reported Web Forgeries | CIS Mozilla Firefox 38 ESR Linux L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 8.4.1 (L1) Ensure access to VMs through the dvfilter network APIs is configured correctly | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| 8.4.4 (L2) Ensure Guest Host Interaction Protocol Handler is set to disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.5 (L2) Ensure Unity Taskbar is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.6 (L2) Ensure Unity Active is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.11 (L2) Ensure Shell Action is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.13 (L2) Ensure Trash Folder State is disabled | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.24 (L1) Ensure VM Console Paste operations are disabled | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | CONFIGURATION MANAGEMENT |
| 8.7.2 (L2) Ensure host information is not sent to guests | CIS VMware ESXi 7.0 v1.5.0 L2 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND SERVICES ACQUISITION |
| AS24-W1-000065 - System logging must be enabled. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | CONFIGURATION MANAGEMENT |
| AS24-W1-000065 - System logging must be enabled. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | CONFIGURATION MANAGEMENT |
| EX16-ED-000620 - Exchange software must be installed on a separate partition from the OS. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-ED-000230 - Exchange software must be installed on a separate partition from the OS. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - (Reserved) | MSCT Windows 10 v2004 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - (Reserved) | MSCT Windows Server 2025 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - (Reserved) | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - (Reserved) | MSCT Windows Server v2004 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - explorer.exe | MSCT Windows Server v20H2 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - explorer.exe | MSCT Windows Server v20H2 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - explorer.exe | MSCT Windows Server 1903 DC v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - explorer.exe | MSCT Windows Server v1909 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - iexplore.exe | MSCT Windows Server 2025 MS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - iexplore.exe | MSCT Windows 10 v1507 v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - iexplore.exe | MSCT Windows Server 1903 DC v1.19.9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Internet Explorer Processes - FEATURE_MIME_HANDLING - iexplore.exe | MSCT Windows Server 2016 DC v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLU-80-000070 The vCenter Lookup service must set an inactive timeout for sessions. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCPF-80-000070 The vCenter Perfcharts service must set an inactive timeout for sessions. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | ACCESS CONTROL |
| VCST-80-000070 The vCenter STS service must set an inactive timeout for sessions. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | ACCESS CONTROL |
| WA00612 A22 - The sites error logs must log the correct format. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WA00615 A22 - System logging must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000090 - The WebSphere Application Server users WebSphere auditor role must be configured in accordance with System Security Plan. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WDNS-CM-000016 - For zones split between the external and internal sides of a network, the RRs for the external hosts must be separate from the RRs for the internal hosts. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
