| 1.12 Ensure host-based intrusion detection tool is used - mcafeetp package | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.12 Ensure host-based intrusion detection tool is used - mfetpd process | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.2.1 Ensure Firewall Is Enabled | CIS Apple macOS 13.0 Ventura v2.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4 Set IP address for 'logging host' | CIS Cisco IOS 16 L1 v2.0.0 | Cisco | AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY |
| 2.2.4 Set IP address for 'logging host' | CIS Cisco IOS 17 L1 v2.0.0 | Cisco | AUDIT AND ACCOUNTABILITY, INCIDENT RESPONSE, SYSTEM AND INFORMATION INTEGRITY |
| 2.5.2.1 Ensure Firewall Is Enabled | CIS Apple macOS 11.0 Big Sur v4.0.0 L1 | Unix | AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, INCIDENT RESPONSE, SYSTEM AND SERVICES ACQUISITION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 4.1 Ensure a SNS topic is created for sending out notifications from Cloudtwatch Alarms and Auto-Scaling Groups - CloudwatchAlarms | CIS Amazon Web Services Three-tier Web Architecture L1 1.0.0 | amazon_aws | SYSTEM AND INFORMATION INTEGRITY |
| 5.6 Ensure alerts are enabled for malicious files detected by WildFire | CIS Palo Alto Firewall 7 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 5.6 Ensure alerts are enabled for malicious files detected by WildFire | CIS Palo Alto Firewall 6 Benchmark L1 v1.0.0 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| 9.1.4 Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 9.2.4 Ensure 'Windows Firewall: Private: Settings: Display a notification' is set to 'No' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 9.3.4 Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 9.3.4 Ensure 'Windows Firewall: Public: Settings: Display a notification' is set to 'No' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Alertmail server not configured or this feature is not available on the device | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - basic-threat | DISA STIG Cisco ASA FW v1r4 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - From-address | DISA STIG Cisco ASA FW v1r4 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - logging severity | DISA STIG Cisco ASA FW v1r4 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - Recipient-address | DISA STIG Cisco ASA FW v1r4 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - scanning-threat | DISA STIG Cisco ASA FW v1r4 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| CASA-FW-000300 - The Cisco ASA must be configured to generate an alert that can be forwarded to organization-defined personnel and/or the firewall administrator when denial-of-service (DoS) incidents are detected - smtp | DISA STIG Cisco ASA FW v1r4 | Cisco | SYSTEM AND INFORMATION INTEGRITY |
| Display a notification - Private Profile | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Display a notification - Public Profile | MSCT Windows 10 v20H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Display a notification - Public Profile | MSCT Windows 11 v23H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected - enc-algorithm | DISA Fortigate Firewall STIG v1r3 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set certificate | DISA Fortigate Firewall STIG v1r3 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set mode | DISA Fortigate Firewall STIG v1r3 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected. - set server | DISA Fortigate Firewall STIG v1r3 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| Fortigate - Alert Emails - 'admin address' | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-AG-000146 - The Juniper SRX Services Gateway Firewall must generate an alert to, at a minimum, the ISSO and ISSM when unusual/unauthorized activities or conditions are detected during continuous monitoring of communications traffic as it traverses inbound or outbound across internal security boundaries. | DISA Juniper SRX Services Gateway ALG v2r1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-AG-000147 - The Juniper SRX Services Gateway Firewall must generate an alert that can be forwarded to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources are detected. | DISA Juniper SRX Services Gateway ALG v2r1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-AG-000150 - The Juniper SRX Services Gateway Firewall must generate an alert that can be forwarded to, at a minimum, the ISSO and ISSM when DoS incidents are detected. | DISA Juniper SRX Services Gateway ALG v2r1 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-IP-000023 - The IDPS must send an alert to, at a minimum, the ISSO and ISSM when intrusion detection events are detected that indicate a compromise or potential for compromise. | DISA Juniper SRX Services Gateway IDPS v1r2 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-IP-000024 - The Juniper Networks SRX Series Gateway IDPS must generate an alert to, at a minimum, the ISSO and ISSM when root-level intrusion events that provide unauthorized privileged access are detected. | DISA Juniper SRX Services Gateway IDPS v1r2 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-IP-000025 - The IDPS must send an alert to, at a minimum, the ISSO and ISSM when DoS incidents are detected. | DISA Juniper SRX Services Gateway IDPS v1r2 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| PANW-AG-000118 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected. | DISA STIG Palo Alto ALG v2r4 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-AG-000119 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged access is detected - privileged | DISA STIG Palo Alto ALG v2r4 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-AG-000120 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized non-privileged access is detected - non-privileged | DISA STIG Palo Alto ALG v2r4 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-AG-000121 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected. | DISA STIG Palo Alto ALG v2r4 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-AG-000122 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when new active propagation of malware infecting DoD systems or malicious code adversely affecting the operations and/or security of DoD systems is detected. | DISA STIG Palo Alto ALG v2r4 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-IP-000051 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when intrusion detection events are detected which indicate a compromise or potential for compromise. | DISA STIG Palo Alto IDPS v2r3 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-IP-000052 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when threats identified by authoritative sources (e.g., IAVMs or CTOs) are detected. | DISA STIG Palo Alto IDPS v2r3 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-IP-000053 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when rootkits or other malicious software which allows unauthorized privileged or non-privileged access is detected. | DISA STIG Palo Alto IDPS v2r3 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-IP-000055 - The Palo Alto Networks security platform must send an alert to, at a minimum, the ISSO and ISSM when denial of service incidents are detected. | DISA STIG Palo Alto IDPS v2r3 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-IP-000056 - The Palo Alto Networks security platform must generate an alert to, at a minimum, the ISSO and ISSM when new active propagation of malware infecting DoD systems or malicious code adversely affecting the operations and/or security of DoD systems is detected. | DISA STIG Palo Alto IDPS v2r3 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-07-020019 - The Red Hat Enterprise Linux operating system must implement the Endpoint Security for Linux Threat Prevention tool. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| SYMP-AG-000660 - Symantec ProxySG providing content filtering must send an alert to, at a minimum, the ISSO and ISSM when detection events occur. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND INFORMATION INTEGRITY |
| SYMP-AG-000670 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected - Client limits | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND INFORMATION INTEGRITY |
| SYMP-AG-000670 - Symantec ProxySG providing content filtering must generate an alert to, at a minimum, the ISSO and ISSM when denial-of-service (DoS) incidents are detected - DoS incidents are detected. Rules | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | SYSTEM AND INFORMATION INTEGRITY |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 10 v21H1 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| Windows Defender Firewall: Prohibit notifications | MSCT Windows 11 v22H2 v1.0.0 | Windows | SYSTEM AND INFORMATION INTEGRITY |
