| 1.1.2 Ensure /tmp is configured - or equivalent. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.1.24 Ensure nosuid option is set for NFS - NFS. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.3.3 Ensure AIDE is configured to verify ACLs - installed | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.5.6 Ensure the Ctrl-Alt-Delete key sequence is disabled - inactive | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure X11 Server components are not installed - systemctl | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.3.4 Ensure permissions on SSH private host key files are configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.3.33 Ensure SSH uses privilege separation | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.107 - A Windows system has an incorrect default DCOM authorization level. - Call | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.108 - A Windows system has a writable DCOM configuration. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.112 - DCOM calls are not executed under the security context of the calling user. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.134 - Preserve Zone information when saving attachments. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.140 - The HBSS McAfee Agent is not installed. - masvc | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.228 - Game Explorer Information Downloads | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 5.244 - Users must be notified if the logon server was inaccessible and cached credentials were used. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 6.2.24 Ensure local interactive users' dot files are group-owned by the users group or root. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Disable Password Hints | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| DTOO118 - Excel - Corrupt workbook options must be disallowed. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO178 - Office System - Upload of document templates to Office Online must be prevented. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO196 - Office System - A mix of policy and user locations for Office Products must be disallowed. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO303 - Word - A warning before printing that the document contains tracking changes must be provided. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| GEN000680 - The system must require passwords to contain no more than three consecutive repeating characters. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN000900 - The root user's home directory must not be the root directory (/). | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001170 - All files and directories must have a valid group owner. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. - '/etc/.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001840 - All global initialization files' executable search paths must contain only absolute paths - '/etc/security/environ' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001845 - Global initialization files' library search paths must contain only absolute paths - '/etc/environment' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001845 - Global initialization files' library search paths must contain only absolute paths - '/etc/profile' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001845 - Global initialization files' library search paths must contain only absolute paths - '/etc/security/.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/bashrc' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/environment' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/profile' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/security/.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001901 - Local initialization files' library search paths must contain only absolute paths - 'LD_LIBRARY_PATH' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002020 - All .rhosts, .shosts, or host.equiv files must only contain trusted host-user pairs. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.shosts' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public dirs | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003900 - The hosts.lpd file (or equivalent) must not contain a '+' character. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN004540 - The SMTP service HELP command must not be enabled. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN004620 - The Sendmail server must have the debug feature disabled. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN004800 - Unencrypted FTP must not be used on the system - 'telnet is disabled' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005080 - The TFTP daemon must operate in 'secure mode' which provides access only to a single directory on the host file system. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005201 - X11 forwarding for SSH must be disabled. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005440 - The system must not be used as a syslog server (loghost) for systems external to the enclave. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005538 - The SSH daemon must not allow rhosts RSA authentication. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006225 - Samba must be configured to use an authentication mechanism other than share. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006235 - Samba must be configured to not allow guest access to shares. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006580 - The system must use an access control program. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006620 - The system's access control program must be configured to grant or deny system access to specific hosts - '/etc/hosts.deny' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN008480 - The system must have USB Mass Storage disabled unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
