CNTR-K8-000270 - The Kubernetes API Server must enable Node,RBAC as the authorization mode. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000300 - The Kubernetes Scheduler must have secure binding. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000310 - The Kubernetes Controller Manager must have secure binding. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000320 - The Kubernetes API server must have the insecure port flag disabled. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000330 - The Kubernetes Kubelet must have the 'readOnlyPort' flag disabled - readOnlyPort flag disabled. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000340 - The Kubernetes API server must have the insecure bind address not set. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000370 - The Kubernetes Kubelet must have anonymous authentication disabled. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000430 - Kubernetes Kubectl cp command must give expected access and results. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000440 - The Kubernetes kubelet staticPodPath must not enable static pods. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000450 - Kubernetes DynamicAuditing must not be enabled - manifest | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
CNTR-K8-000470 - The Kubernetes API server must have Alpha APIs disabled. | DISA STIG Kubernetes v1r11 | Unix | ACCESS CONTROL |
EX13-EG-000010 - Exchange servers must use approved DoD certificates. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r5 | Windows | ACCESS CONTROL |
F5BI-AP-000240 - The F5 BIG-IP appliance must enforce approved authorizations for logical access to resources by explicitly configuring assigned resources with an authorization list. | DISA F5 BIG-IP Access Policy Manager STIG v2r3 | F5 | ACCESS CONTROL |
JUEX-NM-000060 - The Juniper EX switch must be configured to assign appropriate user roles or access levels to authenticated users. | DISA Juniper EX Series Network Device Management v1r4 | Juniper | ACCESS CONTROL |
MADB-10-000300 - MariaDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA MariaDB Enterprise 10.x v1r2 DB | MySQLDB | ACCESS CONTROL |
MD4X-00-001700 - MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG MongoDB Enterprise Advanced 4.x v1r2 DB | MongoDB | ACCESS CONTROL |
OL07-00-010483 - Oracle Linux operating systems version 7.2 or newer booted with a BIOS must have a unique name for the grub superusers account when booting into single-user and maintenance modes. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
OL07-00-010492 - Oracle Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
OL08-00-010140 - OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance - UEFI must require authentication upon booting into single-user mode and maintenance | DISA Oracle Linux 8 STIG v1r8 | Unix | ACCESS CONTROL |
OL08-00-010150 - OL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. | DISA Oracle Linux 8 STIG v1r8 | Unix | ACCESS CONTROL |
OL08-00-010152 - OL 8 operating systems must require authentication upon booting into emergency mode. | DISA Oracle Linux 8 STIG v1r8 | Unix | ACCESS CONTROL |
RHEL-07-010492 - Red Hat Enterprise Linux operating systems version 7.2 or newer booted with United Extensible Firmware Interface (UEFI) must have a unique name for the grub superusers account when booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 7 STIG v3r14 | Unix | ACCESS CONTROL |
RHEL-08-010140 - RHEL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance. | DISA Red Hat Enterprise Linux 8 STIG v1r13 | Unix | ACCESS CONTROL |
RHEL-08-010149 - RHEL 8 operating systems booted with a BIOS must require a unique superusers name upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 8 STIG v1r13 | Unix | ACCESS CONTROL |
RHEL-08-010151 - RHEL 8 operating systems must require authentication upon booting into rescue mode. | DISA Red Hat Enterprise Linux 8 STIG v1r13 | Unix | ACCESS CONTROL |
RHEL-08-010152 - RHEL 8 operating systems must require authentication upon booting into emergency mode. | DISA Red Hat Enterprise Linux 8 STIG v1r13 | Unix | ACCESS CONTROL |
RHEL-09-212020 - RHEL 9 must require a unique superusers name upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | ACCESS CONTROL |
RHEL-09-611195 - RHEL 9 must require authentication to access emergency mode. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | ACCESS CONTROL |
SLES-15-010190 - SUSE operating systems with a basic input/output system (BIOS) must require authentication upon booting into single-user and maintenance modes. | DISA SLES 15 STIG v1r12 | Unix | ACCESS CONTROL |
SQL4-00-002000 - SQL Server must enforce approved authorizations for logical access to information and database-level system resources in accordance with applicable access control policies. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | ACCESS CONTROL |
SYMP-NM-000030 - Symantec ProxySG must configure Web Management Console access restrictions to authorized IP address/ranges. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
UBTU-20-010009 - Ubuntu operating systems when booted must require authentication upon booting into single-user and maintenance modes. | DISA STIG Ubuntu 20.04 LTS v1r7 | Unix | ACCESS CONTROL |
WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL |
WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL |
WBSP-AS-000211 - The WebSphere Application Server Java 2 security must be enabled. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL |
WINUR-000017 - The Deny access to this computer from the network user right on workstations must be configured - Domain | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
WINUR-000017 - The Deny access to this computer from the network user right on workstations must be configured - guests | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
WINUR-000020 - The Deny log on locally user rightmust be configured to prevent access from highly privileged accounts. - Domain | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
WN11-UR-000010 - The 'Access this computer from the network' user right must only be assigned to the Administrators and Remote Desktop Users groups - Access this computer from the network user right must only be assigned to the Administrators and Remote Desktop Users groups. | DISA Windows 11 STIG v1r5 | Windows | ACCESS CONTROL |
WN11-UR-000025 - The 'Allow log on locally' user right must only be assigned to the Administrators and Users groups - Allow log on locally user right must only be assigned to the Administrators and Users groups. | DISA Windows 11 STIG v1r5 | Windows | ACCESS CONTROL |
WN11-UR-000070 - The 'Deny access to this computer from the network' user right on workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems - Deny access to this computer from the network user right on workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems. | DISA Windows 11 STIG v1r5 | Windows | ACCESS CONTROL |
WN11-UR-000075 - The 'Deny log on as a batch job' user right on domain-joined workstations must be configured to prevent access from highly privileged domain accounts - Deny log on as a batch job user right on domain-joined workstations must be configured to prevent access from highly privileged domain accounts. | DISA Windows 11 STIG v1r5 | Windows | ACCESS CONTROL |
WN22-00-000130 - Windows Server 2022 local volumes must use a format that supports NTFS attributes. | DISA Windows Server 2022 STIG v1r4 | Windows | ACCESS CONTROL |
WN22-00-000180 - Windows Server 2022 nonadministrative accounts or groups must only have print permissions on printer shares. | DISA Windows Server 2022 STIG v1r4 | Windows | ACCESS CONTROL |
WN22-DC-000380 - Windows Server 2022 Deny log on as a batch job user right on domain controllers must be configured to prevent unauthenticated access. | DISA Windows Server 2022 STIG v1r4 | Windows | ACCESS CONTROL |
WN22-DC-000390 - Windows Server 2022 Deny log on as a service user right must be configured to include no accounts or groups (blank) on domain controllers. | DISA Windows Server 2022 STIG v1r4 | Windows | ACCESS CONTROL |
WN22-MS-000070 - Windows Server 2022 Access this computer from the network user right must only be assigned to the Administrators and Authenticated Users groups on domain-joined member servers and standalone or nondomain-joined systems. | DISA Windows Server 2022 STIG v1r4 | Windows | ACCESS CONTROL |
WN22-MS-000100 - Windows Server 2022 Deny log on as a service user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts. No other groups or accounts must be assigned this right. | DISA Windows Server 2022 STIG v1r4 | Windows | ACCESS CONTROL |
WN22-MS-000110 - Windows Server 2022 Deny log on locally user right on domain-joined member servers must be configured to prevent access from highly privileged domain accounts and from unauthenticated access on all systems. | DISA Windows Server 2022 STIG v1r4 | Windows | ACCESS CONTROL |