| 1.43 WN10-00-000250 | CIS Microsoft Windows 10 STIG v1.0.0 CAT II | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-008800 - Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-011800 - Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-010400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-010400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS-iPadOS 16 STIG v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-710400 - Apple iOS/iPadOS 16 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010400 - Apple iOS/iPadOS 17 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-010400 - Apple iOS/iPadOS 18 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-010400 - Apple iOS/iPadOS 18 must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-010500 - Apple iOS/iPadOS 18 must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-010500 - Apple iOS/iPadOS 18 must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 18 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 18 v2r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-26-010400 - Apple iOS/iPadOS 26 must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-26-010500 - Apple iOS/iPadOS 26 must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-26-010500 - Apple iOS/iPadOS 26 must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 26 v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-26-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 26 v1r2 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001830 - Permissions assigned to the DNSSEC keys used with the BIND 9.x implementation must enforce read-only access to the key owner and deny access to all other users. | DISA BIND 9.x STIG v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001850 - The DNSSEC keys used with the BIND 9.x implementation must be group owned by a privileged account. | DISA BIND 9.x STIG v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Office System - Document metadata for password protected files must be protected. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO189 - Office System - The encryption type for password protected Open XML files must be set. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO190 - Office System - The encryption type for password protected Office 97 thru Office 2003 must be set. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO195 - Office System - Passwords for secured documents must be enforced. | DISA STIG Office System 2010 v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000115 - Exchange mailboxes must be retained until backups are complete. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000116 - Exchange email forwarding must be restricted. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000117 - Exchange email-forwarding SMTP domains must be restricted. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| FGFW-ND-000285 - The FortiGate device must only allow authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media (such as a flash drive). | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN008380 - A root kit check tool must be run on the system at least weekly. | DISA AIX 5.3 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-NM-000370 - The Juniper device must be configured to only allow authorized administrators to view or change the device configuration, system files, and other files stored either in the device or on removable media (such as a flash drive). | DISA Juniper EX Series Network Device Management v2r4 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| KNOX-07-002600 - The Samsung must be configured to not display the following notifications when the device is locked: All notifications. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD4X-00-003800 - MongoDB must protect the confidentiality and integrity of all information at rest. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-007200 - The MySQL Database Server 8.0 must protect the confidentiality and integrity of all information at rest. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010030 - All RHEL 8 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-024100 - The Database Master Key must be encrypted by the Service Master Key where required. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-024200 - Database Master Key passwords must not be stored in credentials within the database. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-024300 - Symmetric keys (other than the database master key) must use a DoD certificate to encrypt the key. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-024500 - The Service Master Key must be backed up, stored offline and off-site. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLD-22-001600 - The Database Master Key encryption password must meet DOD password complexity requirements. | DISA Microsoft SQL Server 2022 Database STIG v1r3 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLD-22-001800 - The certificate used for encryption must be backed up and stored in a secure location that is not on the SQL Server. | DISA Microsoft SQL Server 2022 Database STIG v1r3 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQLI-22-009700 - The Master Key must be backed up and stored in a secure location that is not on the SQL Server. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
