DG0076-ORACLE11 - Sensitive information from production database exports must be modified before import to a development database. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
DG0146-ORACLE11 - Audit records should include the reason for blacklisting or disabling DBMS connections or accounts. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | |
DTBI010 - First Run Customize settings must be enabled as home page. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI031 - The Java Permissions must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI038 - Launching programs and files in IFRAME must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI039 - Navigating windows and frames across different domains must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
DTBI046 - Logon options must be configured to prompt (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI119 - File downloads must be disallowed (Restricted Site zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI126 - Functionality to drag and drop or copy and paste files must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI128 - Launching programs and files in IFRAME must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI134 - Clipboard operations via script must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI136 - Logon options must be configured and enforced (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI300 - Configuring History setting must be set to 40 days - History | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | AUDIT AND ACCOUNTABILITY |
DTBI612 - Internet Explorer Processes for Zone Elevation must be enforced (Explorer). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
DTBI630 - Internet Explorer Processes for Restrict File Download must be enforced (Reserved). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI635 - Internet Explorer Processes for Restrict File Download must be enforced (Explorer). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI670 - Scripting of Java applets must be disallowed (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI770 - Deleting web sites that the user has visited must be disallowed. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | AUDIT AND ACCOUNTABILITY |
DTBI800 - Scripting of Internet Explorer web browser control property must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI810 - When uploading files to a server, the local directory path must be excluded (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
WA00505 A22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00510 A22 - Web server status module must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00520 A22 - The web server must not be configured as a proxy server. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00540 A22 - The web server must be configured to explicitly deny access to the OS root - Deny | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | ACCESS CONTROL |
WA00540 A22 - The web server must be configured to explicitly deny access to the OS root - Order | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | ACCESS CONTROL |
WA00545 A22 - Web server options for the OS root must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00547 A22 - The ability to override the access configuration for the OS root directory must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00550 A22 - The TRACE method must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00555 A22 - The web server must be configured to listen on a specific IP address and port - 0.0.0.0:80 | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00555 A22 - The web server must be configured to listen on a specific IP address and port - 80 | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00555 A22 - The web server must be configured to listen on a specific IP address and port - listen | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00560 A22 - The URL-path name must be set to the file path name or the directory path name. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WA00605 A22 - Error logging must be enabled. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
WA00612 A22 - The sites error logs must log the correct format. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
WG040 A22 - Public web server resources must not be shared with private assets - mnttab | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WG040 A22 - Public web server resources must not be shared with private assets - sharetab | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WG110 A22 - The number of allowed simultaneous requests must be set. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WG140 A22 - Private web servers must require certificates issued from a DoD-authorized Certificate Authority. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WG205 A22 - The web document (home) directory must be in a separate partition from the web server's system files. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WG210 A22 - Web content directories must not be anonymously shared. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | ACCESS CONTROL |
WG237 A22 - Remote authors or content providers must have all files scanned for viruses and malicious code before uploading files to the Document Root directory. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
WG240 A22 - Logs of web server access and errors must be established and maintained | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
WG250 A22 - Log file access must be restricted to System Administrators, Web Administrators or Auditors. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WG255 A22 - Access to the web server log files must be restricted to administrators, web administrators, and auditors. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WG260 A22 - Only web sites that have been fully reviewed and tested must exist on a production web server. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WG300 A22 - Web server system files must conform to minimum file permission requirements - config | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WG340 A22 - A private web server must utilize an approved TLS version - SSLEngine | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WG340 A22 - A private web server must utilize an approved TLS version - SSLProtocol | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
WG370 A22 - MIME types for csh or sh shell programs must be disabled - Action | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
WG370 A22 - MIME types for csh or sh shell programs must be disabled - AddHandler | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |