| DG0019-ORACLE11 - Application software should be owned by a Software Application account - 'Oracle home directory file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0104-ORACLE11 - DBMS service identification should be unique and clearly identifies the service - 'All Oracle services use the proper naming' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DO0145-ORACLE11 - OS DBA group membership should be restricted to authorized accounts. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DTBI367 - Internet Explorer must be configured to make Proxy settings per user. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| DTBI697 - Ability for users to enable or disable add-ons must be enforced. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| DTBI750 - Updates to web site lists from Microsoft must be disallowed. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| NET0720 - TCP and UDP small server services are not disabled - 'service tcp-small-servers' | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET0722 - The PAD service is enabled. | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET0724 - TCP Keep-Alives must be enabled. | DISA STIG Cisco L2 Switch V8R27 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| NET0812 - Two NTP servers are not used to synchronize time - 'ntp multicast client MULTICAST_IP_1' | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET0812 - Two NTP servers are not used to synchronize time - 'ntp update-calendar' | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET0820 - DNS servers must be defined for client resolver. | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET1021 - The network element must log all messages except debugging - 'Logging buffered' | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1021 - The network element must log all messages except debugging - 'Logging console notifications' | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1021 - The network element must log all messages except debugging - 'Logging trap' | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1021 - The network element must log all messages except debugging - 'No logging trap' | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1021 - The network element must log all messages except debugging- 'Debugging on' | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1021 - The network element must log all messages except debugging- 'Logging on' | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1629 - The auxiliary port is not disabled | DISA STIG Cisco L2 Switch V8R27 | Cisco | CONFIGURATION MANAGEMENT |
| NET1640 - Management connections must be logged - logging on | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1640 - Management connections must be logged - login failure | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| NET1640 - Management connections must be logged - login success | DISA STIG Cisco L2 Switch V8R27 | Cisco | AUDIT AND ACCOUNTABILITY |
| WA000-WI070 IIS6 - Indexing Services must only index web content. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA120 IIS6 - Administrative users and groups with access privilege to the web server must be documented. | DISA STIG IIS 6.0 Server v6r16 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WA140 IIS6 - Web server content and configuration files must be part of a routine backup program. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONTINGENCY PLANNING |
| WG130 A22 - All utility programs, not necessary for operations, must be removed or disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG130 IIS6 - Programs and features not necessary for operations must be removed. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG130 W22 - All utility programs, not necessary for operations, must be removed or disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG170 A22 - Each readable web document directory must contain either a default, home, index, or equivalent file. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG265 A22 - The required DoD banner page must be displayed to authenticated users accessing a DoD private website. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | ACCESS CONTROL |
| WG265 A22 - The required DoD banner page must be displayed to authenticated users accessing a DoD private website. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | ACCESS CONTROL |
| WG265 IIS6 - The required DoD banner page must be displayed to authenticated users accessing a DoD private website. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WG265 W22 - The required DoD banner page must be displayed to authenticated users accessing a DoD private website. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | ACCESS CONTROL |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - ??0 | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG420 A22 - Backup interactive scripts on the production web server are prohibited - backup | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG420 W22 - Backup interactive scripts on the production web server must be prohibited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'Alias - *.java' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'Alias - *.jpp' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'DocumentRoot - *.java' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'DocumentRoot - *.jpp' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'ScriptAlias - *.java' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'ScriptAlias - *.jpp' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'ScriptAlias_Match - *.java' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'ScriptAlias_Match - *.jpp' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG520 IIS6 - Web server and/or operating system information must be protected. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG520 W22 - Web server and/or operating system information must be protected. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG610 A22 - Web sites must utilize ports, protocols, and services according to PPSM guidelines. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
