| AOSX-14-004020 - The macOS system must authenticate all endpoint devices before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-15-000008 - The macOS system must be configured with Wi-Fi support software disabled. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| APPL-11-000008 - The macOS system must be configured with Wi-Fi support software disabled. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| APPL-11-000008 - The macOS system must be configured with Wi-Fi support software disabled. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| ARST-ND-000600 - The Arista network device must be configured to synchronize internal system clocks using redundant authenticated time sources. | DISA STIG Arista MLS EOS 4.2x NDM v1r1 | Arista | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| BIND-9X-001100 - The BIND 9.x server implementation must uniquely identify and authenticate the other DNS server before responding to a server-to-server transaction, zone transfer and/or dynamic update request using cryptographically based bidirectional authentication to protect the integrity of the information in transit - allow-transfer none | DISA BIND 9.x STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001100 - The BIND 9.x server implementation must uniquely identify and authenticate the other DNS server before responding to a server-to-server transaction, zone transfer and/or dynamic update request using cryptographically based bidirectional authentication to protect the integrity of the information in transit - master allow-transfer | DISA BIND 9.x STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001100 - The BIND 9.x server implementation must uniquely identify and authenticate the other DNS server before responding to a server-to-server transaction, zone transfer and/or dynamic update request using cryptographically based bidirectional authentication to protect the integrity of the information in transit - secondary keys | DISA BIND 9.x STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Disable Wi-Fi Interface | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Wi-Fi Interface | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Wi-Fi Interface | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Wi-Fi Interface | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Wi-Fi Interface | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Wi-Fi Interface | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Wi-Fi Interface | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Wi-Fi Interface | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Cisco IOS-XR Router NDM v2r5 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Cisco IOS Router NDM v2r8 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - HMAC | DISA STIG Cisco NX-OS Switch NDM v2r7 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Cisco IOS Switch NDM v2r8 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001150 - The Cisco router must be configured to authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based. | DISA STIG Cisco IOS Router NDM v2r8 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001150 - The Cisco router must be configured to authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based. | DISA STIG Cisco IOS XE Router NDM v2r9 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001150 - The Cisco router must be configured to authenticate NTP sources using authentication that is cryptographically based. | DISA STIG Cisco IOS-XR Router NDM v2r5 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001150 - The Cisco switch must be configured to authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based - NTP sources using authentication that is cryptographically based | DISA STIG Cisco NX-OS Switch NDM v2r7 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001150 - The Cisco switch must be configured to authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based. | DISA STIG Cisco IOS Switch NDM v2r8 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001150 - The Cisco switch must be configured to authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based. | DISA STIG Cisco IOS XE Switch NDM v2r8 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| DKER-EE-001070 - FIPS mode must be enabled on all Docker Engine - Enterprise nodes - docker info .SecurityOptions | DISA STIG Docker Enterprise 2.x Linux/Unix v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-DM-000110 - The Juniper SRX Services Gateway must authenticate NTP servers before establishing a network connection using bidirectional authentication that is cryptographically based. | DISA Juniper SRX Services Gateway NDM v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000145 - The Palo Alto Networks security platform must authenticate Network Time Protocol sources - 'Primary NTP Server' | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000145 - The Palo Alto Networks security platform must authenticate Network Time Protocol sources - 'Secondary NTP Server' | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| VCSA-70-000077 - The vCenter Server must enable FIPS-validated cryptography. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-65-006000 - The vCenter Server for Windows must disable SNMPv1. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| WN10-CC-000165 - Unauthenticated RPC clients must be restricted from connecting to the RPC server. | DISA Windows 10 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-CC-000064-MS - Unauthenticated RPC clients must be restricted from connecting to the RPC server. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-MS-000040 - Unauthenticated Remote Procedure Call (RPC) clients must be restricted from connecting to the RPC server. | DISA Windows Server 2016 STIG v2r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-SO-000110 - The computer account password must not be prevented from being reset. | DISA Windows Server 2016 STIG v2r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-MS-000040 - Windows Server 2019 must restrict unauthenticated Remote Procedure Call (RPC) clients from connecting to the RPC server on domain-joined member servers and standalone or nondomain-joined systems - RPC clients from connecting to the RPC server on domain-joined member servers and standalone systems. | DISA Windows Server 2019 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
