DTBI425 - Java permissions must be disallowed (Local Machine zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI430 - Java permissions must be disallowed (Locked Down Local Machine zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI450 - Java permissions must be disallowed (Locked Down Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI755 - Browser Geolocation functionality must be disallowed. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI760 - Browser must retain history on exit. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
DTBI840 - Cross-Site Scripting (XSS) Filter must be enforced (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI860 - When uploading files to a server, the local directory path must be excluded (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI890 - Cross-Site Scripting (XSS) Filter property must be enforced (Restricted Site zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI910 - Status bar updates via script must be disallowed (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
DTBI950 - Status bar updates via script must be disallowed (Restricted Site zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
WA00500 W22 - Active software modules must be minimized. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00515 W22 - Automatic directory indexing must be disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00520 W22 - The web server must not be configured as a proxy server. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00525 W22 - User specific directories must not be globally enabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00540 W22 - The web server must be configured to explicitly deny access to the OS root. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00545 W22 - Web server options for the OS root must be disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00547 W22 - The ability to override the access configuration for the OS root directory must be disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00550 W22 - The TRACE method must be disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00555 W22 - The web server must be configured to listen on a specific IP address and port. - '[::ffff:0.0.0.0]:80' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00555 W22 - The web server must be configured to listen on a specific IP address and port. - '0.0.0.0:80' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WA00555 W22 - The web server must be configured to listen on a specific IP address and port. - 'Listen directive exists' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WG145 W22 - The private web server must use an approved DoD certificate validation process. - 'SSLCARevocationFile' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG170 IIS6 - Each readable web document directory must contain a default, home, index or equivalent file. - 'EnableDefaultDoc set to True' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG205 IIS6 - The web document (home) directory must be on a separate partition from the web servers system files. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG220 W22 - Web administration tools must be restricted to the web manager and the web manager's designees. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WG237 W22 - Remote authors or content providers must have all files scanned for malware before uploading files to the Document Root directory. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | SYSTEM AND INFORMATION INTEGRITY |
WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\AdminScripts' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\ftproot\ftpfiles' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\docs' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\inetpub\wwwroot\scripts' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG300 IIS6 - Web server system files must conform to minimum file permission requirements. - '\system32\inetsrv' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG300 W22 - Web server system files must conform to minimum file permission requirements. - 'ServerRoot' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WG310 IIS6 - A web site must not contain a robots.txt file. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
WG330 W22 - A public web server must limit e-mail to outbound only. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'SSL 3.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'TLS 1.0\Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG340 IIS6 - A private web server must utilize an approved TLS version. - 'TLS 1.0\Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'PCT 1.0 Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 2.0 Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 2.0 Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'SSL 3.0 Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'TLS 1.0 Client' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG342 IIS6 - Public web servers must use TLS if authentication is required. - 'TLS 1.0 Server' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG410 IIS6 - Interactive scripts must have proper access controls. - 'Enable Parent Paths set to False' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG410 IIS6 - Interactive scripts must have proper access controls. - 'Virtual Directories - ASP Default Language set to VBScript' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG410 IIS6 - Interactive scripts must have proper access controls. - 'Virtual Directories - Enable Parent Paths set to False' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
WG440 W22 - Monitoring software must include CGI or equivalent programs in its scope. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | SYSTEM AND INFORMATION INTEGRITY |
WG460 IIS6 - PERL scripts must use the TAINT option. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |