| AIOS-12-010500 - Apple iOS must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-12-010500 - Apple iOS must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS 12 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-13-010500 - Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 13 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-13-010500 - Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIX7-00-001048 - AIX must protect the confidentiality and integrity of all information at rest. | DISA STIG AIX 7.x v2r9 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001130 - The DNSSEC keys used with the BIND 9.x implementation must be owned by a privileged account. | DISA BIND 9.x STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001131 - The DNSSEC keys used with the BIND 9.x implementation must be group owned by a privileged account. | DISA BIND 9.x STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001132 - Permissions assigned to the DNSSEC keys used with the BIND 9.x implementation must enforce read-only access to the key owner and deny access to all other users. | DISA BIND 9.x STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce FileVault | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-005400 - DB2 must protect the confidentiality and integrity of all information at rest. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-002660 - Docker Secrets must be used to store configuration files and small amounts of user-generated data (up to 500 kb in size) in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBC-0039 - Browser history must be saved. | DISA STIG Google Chrome v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI042-IE11 - Userdata persistence must be disallowed (Internet zone). | DISA STIG IE 11 v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI132-IE11 - Userdata persistence must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Document metadata for password protected files must be protected. | DISA STIG Microsoft Office System 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Document metadata for password protected files must be protected. | DISA STIG Microsoft Office System 2016 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO189 - The encryption type for password protected Open XML files must be set. | DISA STIG Microsoft Office System 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO189 - The encryption type for password protected Open XML files must be set. | DISA STIG Microsoft Office System 2016 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set. | DISA STIG Microsoft Office System 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set. | DISA STIG Microsoft Office System 2016 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO195 - Passwords for secured documents must be enforced. | DISA STIG Microsoft Office System 2013 v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000125 - Exchange Public Folder stores must be retained until backups are complete. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000130 - The Exchange Public Folder database must not be overwritten by a restore. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000135 - Exchange Mailboxes must be retained until backups are complete. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000140 - The Exchange Mailbox database must not be overwritten by a restore. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000145 - Exchange email forwarding must be restricted. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000150 - Exchange email-forwarding SMTP domains must be restricted. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000300 - Exchange email-forwarding SMTP domains must be restricted. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000137 - The production IIS 8.5 web server must utilize SHA2 encryption for the Machine Key. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000400 - JBoss file permissions must be configured to protect the confidentiality and integrity of application files. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000440 - MongoDB must protect the confidentiality and integrity of all information at rest. | DISA STIG MongoDB Enterprise Advanced 3.x v2r1 OS | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-002000 - Microsoft Android 11 must be configured to enable encryption for data at rest on removable storage media or alternately, the use of removable storage media must be disabled. | AirWatch - DISA Microsoft Android 11 COPE v1r1 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-002000 - Microsoft Android 11 must be configured to enable encryption for data at rest on removable storage media or alternately, the use of removable storage media must be disabled. | MobileIron - DISA Microsoft Android 11 COBO v1r1 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-002000 - Microsoft Android 11 must be configured to enable encryption for data at rest on removable storage media or alternately, the use of removable storage media must be disabled. | AirWatch - DISA Microsoft Android 11 COBO v1r1 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-002000 - Microsoft Android 11 must be configured to enable encryption for data at rest on removable storage media or alternately, the use of removable storage media must be disabled. | MobileIron - DISA Microsoft Android 11 COPE v1r1 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| O112-C2-018300 - The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data - encrypted columns | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O112-C2-018300 - The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data - tablespace encryption algorithm | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O121-C2-018300 - The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data. | DISA STIG Oracle 12c v2r8 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000008 - Office applications must be configured to specify encryption type in password-protected Office 97-2003 files. | DISA STIG Microsoft Office 365 ProPlus v2r11 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000276 - The operating system must protect the confidentiality and integrity of data at rest. | DISA STIG Oracle Linux 6 v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008300 - PostgreSQL must protect the confidentiality and integrity of all information at rest. | DISA STIG PostgreSQL 9.x on RHEL DB v2r3 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest. | EDB PostgreSQL Advanced Server OS Linux Audit v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060160 - The operating system must protect the confidentiality and integrity of information at rest. | DISA STIG Solaris 11 X86 v2r9 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060160 - The operating system must protect the confidentiality and integrity of information at rest. | DISA STIG Solaris 11 SPARC v2r9 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-024500 - The Service Master Key must be backed up, stored offline and off-site. | DISA STIG SQL Server 2014 Instance DB Audit v2r3 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-001600 - The Database Master Key encryption password must meet DOD password complexity requirements. | DISA STIG SQL Server 2016 Database Audit v2r8 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-001700 - The Database Master Key must be encrypted by the Service Master Key, where a Database Master Key is required and another encryption method has not been specified. | DISA STIG SQL Server 2016 Database Audit v2r8 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-001800 - The Certificate used for encryption must be backed up, stored offline and off-site. | DISA STIG SQL Server 2016 Database Audit v2r8 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SC-000024 - The Windows 2012 DNS Server must protect secret/private cryptographic keys while at rest. | DISA Microsoft Windows 2012 Server DNS STIG v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
