| NET-NAC-031 - The switch must only allow a maximum of one registered MAC address per access port. | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| NET-VLAN-006 - The VLAN1 is being used for management traffic. | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| NET-VLAN-007 - Ensure trunking is disabled on all access ports. | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| NET-VLAN-008 - A dedicated VLAN is required for all trunk ports. | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| NET-VLAN-009 - Access switchports are assigned to the native VLAN | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| NET0340 - Network devices must display the DoD-approved logon banner warning - 'banner login' | DISA STIG Cisco L2 Switch V8R27 | Cisco | ACCESS CONTROL |
| NET0340 - Network devices must display the DoD-approved logon banner warning - 'banner motd' | DISA STIG Cisco L2 Switch V8R27 | Cisco | ACCESS CONTROL |
| NET0433 - The device is not authenticated using a AAA server - 'ip http authentication' | DISA STIG Cisco L2 Switch V8R27 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| NET0465 - Authorized accounts must be assigned the least privilege level necessary to perform assigned duties. | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| NET0470 - Unauthorized accounts are configured to access device. | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| NET0740 - HTTP server is not disabled | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET0744 - BSDr commands are not disabled - rcp-enable | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET0813 - NTP messages are not authenticated - 'ntp authentication-key' | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET0894 - Network element must only allow SNMP read access - 'community RW' | DISA STIG Cisco L2 Switch V8R27 | Cisco | ACCESS CONTROL |
| NET0894 - Network element must only allow SNMP read access - 'SNMP v3 priv|noauth' | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET1624 - The console port does not timeout after 10 minutes | DISA STIG Cisco L2 Switch V8R27 | Cisco | ACCESS CONTROL |
| NET1638 - Management connections must be secured by FIPS 140-2 - 'ssh algorithm encryption' | DISA STIG Cisco L2 Switch V8R27 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET1638 - Management connections must be secured by FIPS 140-2 -'ip http secure-server' | DISA STIG Cisco L2 Switch V8R27 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET1645 - SSH session timeout is not 60 seconds or less. | DISA STIG Cisco L2 Switch V8R27 | Cisco | ACCESS CONTROL |
| NET1675 - SNMP privileged and non-privileged access. | DISA STIG Cisco L2 Switch V8R27 | Cisco | |
| WA060 A22 - A public web server, if hosted on the NIPRNet, must be isolated in an accredited DoD DMZ Extension. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WA00505 A22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00510 A22 - Web server status module must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00520 A22 - The web server must not be configured as a proxy server. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG040 A22 - Public web server resources must not be shared with private assets - exports | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG040 A22 - Public web server resources must not be shared with private assets - hosts.lpd | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG040 A22 - Public web server resources must not be shared with private assets - mnttab | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG050 A22 - The web server password(s) must be entrusted to the SA or Web Manager. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WG050 W22 - The web server service password(s) must be entrusted to the SA or Web Manager. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG080 A22 - Installation of a compiler on production web server is prohibited. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG145 A22 - The private web server must use an approved DoD certificate validation process. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG204 A22 - A web server must be segregated from other services. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG204 A22 - A web server must be segregated from other services. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WG204 W22 - A web server installation must be segregated from other services. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG260 IIS6 - Only fully reviewed and tested web sites must exist on a production web server. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG275 W22 - The web server, although started by superuser or privileged account, must run using a non-privileged account. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG300 A22 - Web server system files must conform to minimum file permission requirements - apache bin/* | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG300 A22 - Web server system files must conform to minimum file permission requirements - apache/* | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG300 A22 - Web server system files must conform to minimum file permission requirements - config/* | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG300 A22 - Web server system files must conform to minimum file permission requirements - htdocs | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG300 A22 - Web server system files must conform to minimum file permission requirements - logs/* | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG330 A22 - A public web server must limit email to outbound only - netstat | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG350 A22 - A private web server will have a valid DoD server certificate. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | |
| WG350 W22 - A private web server must have a valid DoD server certificate. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| WG355 A22 - A private web server's list of CAs in a trust hierarchy must lead to an authorized DoD PKI Root CA. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WG355 IIS6 - A private web site must utilize certificates from a trusted DoD CA. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG410 IIS6 - Interactive scripts must have proper access controls. - 'Execute Permissions set 'Script only' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG430 A22 - Anonymous FTP user access to interactive scripts is prohibited. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG430 A22 - Anonymous FTP user access to interactive scripts is prohibited. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | |
| WG440 A22 - Monitoring software must include CGI or equivalent programs in its scope. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
