| 1.1.2 Ensure /tmp is configured - or equivalent. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.1.24 Ensure nosuid option is set for NFS - NFS. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.3.3 Ensure AIDE is configured to verify ACLs - installed | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.5.6 Ensure the Ctrl-Alt-Delete key sequence is disabled - inactive | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 2.2.2 Ensure X11 Server components are not installed - systemctl | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.3.4 Ensure permissions on SSH private host key files are configured | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.3.33 Ensure SSH uses privilege separation | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 5.241 - Windows Installer - IE Security Prompt | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 6.2.24 Ensure local interactive users' dot files are group-owned by the users group or root. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| Big Sur - Disable Password Hints | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| DTOO178 - Office System - Upload of document templates to Office Online must be prevented. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO196 - Office System - A mix of policy and user locations for Office Products must be disallowed. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO215 - Outlook - Read signed email as plain text must be enforced. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO256 - Outlook - Trusted add-ins behavior for eMail must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO264 - Outlook - All signed messages as clear signed messages must be configured. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO266 - Outlook - Automatic sending s/Mime receipt requests must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO274 - Outlook - Internet with Safe Zones for Picture Download must be disabled. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO303 - Word - A warning before printing that the document contains tracking changes must be provided. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO320 - Outlook - Check e-mail addresses against addresses of certificates being used must be disallowed. | DISA STIG Office 2010 Outlook v1r14 | Windows | CONFIGURATION MANAGEMENT |
| DTOO420 - The ability to store user passwords in Skype must be disabled. | DISA STIG Microsoft Skype for Business 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| GEN000680 - The system must require passwords to contain no more than three consecutive repeating characters. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN000900 - The root user's home directory must not be the root directory (/). | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001170 - All files and directories must have a valid group owner. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the mesg -n or mesg n commands. - '/etc/.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001840 - All global initialization files' executable search paths must contain only absolute paths - '/etc/security/environ' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001845 - Global initialization files' library search paths must contain only absolute paths - '/etc/environment' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001845 - Global initialization files' library search paths must contain only absolute paths - '/etc/profile' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001845 - Global initialization files' library search paths must contain only absolute paths - '/etc/security/.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/bashrc' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/environment' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/profile' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001850 - Global initialization files' lists of preloaded libraries must contain only absolute paths - '/etc/security/.login' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN001901 - Local initialization files' library search paths must contain only absolute paths - 'LD_LIBRARY_PATH' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002020 - All .rhosts, .shosts, or host.equiv files must only contain trusted host-user pairs. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.shosts' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002480 - Public directories must be the only world-writable directories and world-writable files must be located only in public dirs | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN003900 - The hosts.lpd file (or equivalent) must not contain a '+' character. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN004540 - The SMTP service HELP command must not be enabled. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN004620 - The Sendmail server must have the debug feature disabled. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN004800 - Unencrypted FTP must not be used on the system - 'telnet is disabled' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005080 - The TFTP daemon must operate in 'secure mode' which provides access only to a single directory on the host file system. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005201 - X11 forwarding for SSH must be disabled. | DISA STIG Solaris 10 X86 v2r4 | Unix | CONFIGURATION MANAGEMENT |
| GEN005440 - The system must not be used as a syslog server (loghost) for systems external to the enclave. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005538 - The SSH daemon must not allow rhosts RSA authentication. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006225 - Samba must be configured to use an authentication mechanism other than share. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006235 - Samba must be configured to not allow guest access to shares. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006580 - The system must use an access control program. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN006620 - The system's access control program must be configured to grant or deny system access to specific hosts - '/etc/hosts.deny' | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN008480 - The system must have USB Mass Storage disabled unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
