| 1.19 WN22-00-000190 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.19 WN22-00-000190 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | IDENTIFICATION AND AUTHENTICATION |
| 1.40 UBTU-24-200260 | CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.78 UBTU-22-411035 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.131 APPL-14-003080 | CIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.186 OL08-00-020260 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.187 OL08-00-020261 | CIS Oracle Linux 8 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| 1.274 RHEL-09-411050 | CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-14-003080 - The macOS system must disable accounts after 35 days of inactivity. | DISA Apple macOS 14 Sonoma STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-003080 - The macOS system must disable accounts after 35 days of inactivity. | DISA Apple macOS 15 Sequoia STIG v1r7 | Unix | ACCESS CONTROL |
| APPL-26-003080 - The macOS system must disable accounts after 35 days of inactivity. | DISA Apple macOS 26 Tahoe STIG v1r2 | Unix | ACCESS CONTROL |
| AZLX-23-002430 - Amazon Linux 2023 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| JUEX-NM-000640 - The Juniper EX switch must be configured to use an authentication server for the purpose of authenticating users prior to granting administrative access. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000095 - The Juniper SRX Services Gateway must be configured to use an authentication server to centrally manage authentication and logon settings for remote and nonlocal access. | DISA Juniper SRX Services Gateway NDM v3r3 | Juniper | CONFIGURATION MANAGEMENT |
| O19C-00-012500 - Oracle Database must disable user accounts after 35 days of inactivity. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | ACCESS CONTROL |
| O19C-00-012500 - Oracle Database must disable user accounts after 35 days of inactivity. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | ACCESS CONTROL |
| OL07-00-010310 - The Oracle Linux operating system must disable account identifiers (individuals, groups, roles, and devices) if the password expires - individuals, groups, roles, and devices if the password expires. | DISA Oracle Linux 7 STIG v3r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-020260 - The OL 8 system-auth file must disable access to the system for account identifiers (individuals, groups, roles, and devices) with 35 days of inactivity. | DISA Oracle Linux 8 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-020261 - The OL 8 password-auth file must disable access to the system for account identifiers (individuals, groups, roles, and devices) with 35 days of inactivity. | DISA Oracle Linux 8 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL09-00-003065 - OL 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| RHEL-08-020260 - RHEL 8 account identifiers (individuals, groups, roles, and devices) must be disabled after 35 days of inactivity. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-09-411050 - RHEL 9 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600160 - RHEL 10 must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | ACCESS CONTROL |
| SLES-12-010340 - The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration. | DISA SLES 12 STIG v3r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-15-020050 - The SUSE operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity after password expiration. | DISA SUSE Linux Enterprise Server 15 STIG v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040280 - User accounts must be locked after 35 days of inactivity. | DISA Solaris 11 X86 STIG v3r4 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| SOL-11.1-040280 - User accounts must be locked after 35 days of inactivity. | DISA Solaris 11 SPARC STIG v3r4 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| SQLI-22-007900 - If DBMS authentication using passwords is employed, SQL Server must enforce the DOD standards for password complexity and lifetime. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010409 - The Ubuntu operating system must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-411035 - Ubuntu 22.04 LTS must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-24-200260 - Ubuntu 24.04 LTS must disable account identifiers (individuals, groups, roles, and devices) after 35 days of inactivity. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | ACCESS CONTROL |
| VCSA-80-000059 - The vCenter Server must uniquely identify and authenticate users or processes acting on behalf of users. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WN10-00-000065 - Unused accounts must be disabled or removed from the system after 35 days of inactivity. | DISA Microsoft Windows 10 STIG v3r6 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-00-000065 - Unused accounts must be disabled or removed from the system after 35 days of inactivity. | DISA Microsoft Windows 11 STIG v2r7 | Windows | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| WN19-00-000190 - Windows Server 2019 outdated or unused accounts must be removed or disabled. | DISA Microsoft Windows Server 2019 STIG v3r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-00-000190 - Windows Server 2022 outdated or unused accounts must be removed or disabled. | DISA Microsoft Windows Server 2022 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN25-00-000190 - Outdated or unused accounts on Windows Server 2025 must be removed or disabled. | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | ACCESS CONTROL |
