| 3.4 Ensure that Storage Account Access Keys are Periodically Regenerated | CIS Microsoft Azure Foundations v2.0.0 L1 | microsoft_azure | ACCESS CONTROL, CONFIGURATION MANAGEMENT, MAINTENANCE |
| 4.1.3.20 Ensure audit the umount command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.26 Ensure audit of the rmdir syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.26 Ensure audit of the rmdir syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.27 Ensure audit of unlink syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.27 Ensure audit of unlink syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.28 Ensure audit unlinkat syscall - 32 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.28 Ensure audit unlinkat syscall - 64 bit | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.33 Ensure audit of semanage command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.34 Ensure audit of the setsebool command. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.35 Ensure audit of the chcon command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| 4.1.3.39 Ensure audit of setfiles command | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| AMLS-NM-000340 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications - api http | DISA STIG Arista MLS DCS-7000 Series NDM v1r3 | Arista | MAINTENANCE |
| AMLS-NM-000340 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications - api https | DISA STIG Arista MLS DCS-7000 Series NDM v1r3 | Arista | MAINTENANCE |
| AMLS-NM-000340 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the integrity of nonlocal maintenance and diagnostic communications - telnet | DISA STIG Arista MLS DCS-7000 Series NDM v1r3 | Arista | MAINTENANCE |
| AMLS-NM-000350 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications - api http | DISA STIG Arista MLS DCS-7000 Series NDM v1r3 | Arista | MAINTENANCE |
| AMLS-NM-000350 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications - api https | DISA STIG Arista MLS DCS-7000 Series NDM v1r3 | Arista | MAINTENANCE |
| AMLS-NM-000350 - Arista Multilayer Switches used for nonlocal maintenance sessions must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications - telnet | DISA STIG Arista MLS DCS-7000 Series NDM v1r3 | Arista | MAINTENANCE |
| ARST-ND-000700 - The Arista network device must be configured to implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions. | DISA STIG Arista MLS EOS 4.2x NDM v1r1 | Arista | MAINTENANCE |
| Big Sur - Ensure System Volume is Read Only | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Ensure System Volume is Read Only | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Ensure System Volume is Read Only | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Ensure System Volume is Read Only | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Ensure System Volume is Read Only | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| CASA-ND-001140 - The Cisco ASA must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of non-local maintenance and diagnostic communications - group | DISA STIG Cisco ASA NDM v1r6 | Cisco | MAINTENANCE |
| CASA-ND-001140 - The Cisco ASA must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of non-local maintenance and diagnostic communications - host | DISA STIG Cisco ASA NDM v1r6 | Cisco | MAINTENANCE |
| CASA-ND-001140 - The Cisco ASA must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of non-local maintenance and diagnostic communications - user | DISA STIG Cisco ASA NDM v1r6 | Cisco | MAINTENANCE |
| CASA-ND-001150 - The Cisco ASA must be configured to implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions - ssh cipher | DISA STIG Cisco ASA NDM v1r6 | Cisco | MAINTENANCE |
| CASA-ND-001150 - The Cisco ASA must be configured to implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions - ssh key-exchange | DISA STIG Cisco ASA NDM v1r6 | Cisco | MAINTENANCE |
| Catalina - Configure SSHD to Use Secure Key Exchange Algorithms | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| Catalina - Ensure System Volume is Read Only | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Ensure System Volume is Read Only | NIST macOS Catalina v1.5.0 - All Profiles | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Ensure System Volume is Read Only | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Ensure System Volume is Read Only | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Ensure System Volume is Read Only | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| FGFW-ND-000260 - The FortiGate devices must use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of nonlocal maintenance and diagnostic communications. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | MAINTENANCE |
| FGFW-ND-000265 - The FortiGate device must implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | MAINTENANCE |
| JUEX-NM-000510 - The Juniper EX switches must be configured to use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of nonlocal maintenance and diagnostic communications. | DISA Juniper EX Series Network Device Management v1r4 | Juniper | MAINTENANCE |
| JUEX-NM-000520 - The Juniper EX switch must be configured to implement cryptographic mechanisms using a FIPS 140-2 approved algorithm to protect the confidentiality of remote maintenance sessions. | DISA Juniper EX Series Network Device Management v1r4 | Juniper | MAINTENANCE |
| Monterey - Ensure System Volume is Read Only | NIST macOS Monterey v1.0.0 - All Profiles | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Ensure System Volume is Read Only | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Ensure System Volume is Read Only | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Ensure System Volume is Read Only | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Ensure System Volume is Read Only | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-NM-000290 - The Symantec ProxySG Web Management Console and SSH sessions must implement cryptographic mechanisms to protect the confidentiality of nonlocal maintenance and diagnostic communications. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | MAINTENANCE |
| SYMP-NM-000300 - The Symantec ProxySG must use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of nonlocal maintenance and diagnostic communications. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | MAINTENANCE |
| WN11-CC-000335 - The Windows Remote Management (WinRM) client must not allow unencrypted traffic. | DISA Windows 11 STIG v1r5 | Windows | MAINTENANCE |
| WN11-CC-000350 - The Windows Remote Management (WinRM) service must not allow unencrypted traffic. | DISA Windows 11 STIG v1r5 | Windows | MAINTENANCE |
| WN22-CC-000480 - Windows Server 2022 Windows Remote Management (WinRM) client must not allow unencrypted traffic. | DISA Windows Server 2022 STIG v1r4 | Windows | MAINTENANCE |
| WN22-CC-000510 - Windows Server 2022 Windows Remote Management (WinRM) service must not allow unencrypted traffic. | DISA Windows Server 2022 STIG v1r4 | Windows | MAINTENANCE |
