| 3.044 - The computer account password is prevented from being reset. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.054 - Users are not warned in advance that their passwords will expire. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| DG0015-ORACLE11 - Database applications should be restricted from using static DDL statements to modify the application schema. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account - 'Oracle base directory file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account - 'Oracle home directory file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0087-ORACLE11 - Sensitive data should be labeled. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DG0089-ORACLE11 - Developers should not be assigned excessive privileges on production databases. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DG0091-ORACLE11 - Custom and GOTS application source code stored in the database should be protected with encryption or encoding. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0104-ORACLE11 - DBMS service identification should be unique and clearly identifies the service - 'All Oracle services use the proper naming' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0104-ORACLE11 - DBMS service identification should be unique and clearly identifies the service. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG7002-ORACLE11 - A minimum of two Oracle control files must be defined and configured to be stored on separate, archived disks (physical or virtual) or archived partitions on a RAID device. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| DO0145-ORACLE11 - OS DBA group membership should be restricted to authorized accounts. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO0145-ORACLE11 - OS DBA group membership should be restricted to authorized accounts. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| DO0157-ORACLE11 - Database application user accounts should be denied storage usage for object creation within the database. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DO0221-ORACLE11 - The Oracle SID should not be the default SID - 'No default instance names exist' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| DO0420-ORACLE11 - The XDB Protocol server should be uninstalled if not required and authorized for use - 'No XDB users exist' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| DO3447-ORACLE11 - The Oracle OS_AUTHENT_PREFIX parameter should be changed from the default value of OPS$ - 'os_authent_prefix = OPS$' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DO3685-ORACLE11 - The Oracle O7_DICTIONARY_ACCESSIBILITY parameter should be set to FALSE - 'O7_dictionary_accessibility = false' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DO6746-ORACLE11 - The Oracle listener.ora file should specify IP addresses rather than host names to identify hosts - '%ORACLE_HOME%\NETWORK\ADMIN\listener.ora HOST does not use hostname' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DO6746-ORACLE11 - The Oracle listener.ora file should specify IP addresses rather than host names to identify hosts - '$ORACLE_HOME/network/admin/listener.ora HOST entroes do not use hostnames' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DTOO137 - Prompts to convert older databases must be enforced. | DISA STIG Microsoft Access 2013 v1r6 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI070 IIS6 - Indexing Services must only index web content. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI120 IIS6 - The Content Location header must not contain proprietary IP addresses. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WWA030 A22 - The httpd.conf MaxSpareServers directive must be set properly. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WA000-WWA030 A22 - The httpd.conf MaxSpareServers directive must be set properly. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG130 A22 - All utility programs, not necessary for operations, must be removed or disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG130 IIS6 - Programs and features not necessary for operations must be removed. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG130 W22 - All utility programs, not necessary for operations, must be removed or disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG170 W22 - Each readable web document directory must contain either a default, home, index, or equivalent file. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - ??0 | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - backup | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - bak | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - bak | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - old | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - old | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - tmp | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - tmp | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG420 IIS6 - Backup interactive scripts must be removed from the web site. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG420 W22 - Backup interactive scripts on the production web server must be prohibited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - cgi-bin | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - cgi-bin | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - html | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - html | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG490 IIS6 - Java software installed on the web server must be limited to class files and the JAVA virtual machine. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG520 A22 - Web server and/or operating system information must be protected. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG520 A22 - Web server and/or operating system information must be protected. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
