| 5.123 - Restrict unauthenticated RPC clients. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.124 - Client computers required to authenticate for RPC communication. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| AMLS-L2-000130 - The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based - aaa authentication dot1x default group | DISA STIG Arista MLS DCS-7000 Series L2S v1r2 | Arista | IDENTIFICATION AND AUTHENTICATION |
| AMLS-L2-000130 - The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based - dot1x system-auth-control | DISA STIG Arista MLS DCS-7000 Series L2S v1r2 | Arista | IDENTIFICATION AND AUTHENTICATION |
| AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x reauthentication | DISA STIG Arista MLS DCS-7000 Series L2S v1r2 | Arista | IDENTIFICATION AND AUTHENTICATION |
| AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x timeout reauth-period 3600 | DISA STIG Arista MLS DCS-7000 Series L2S v1r2 | Arista | IDENTIFICATION AND AUTHENTICATION |
| APPL-12-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple macOS 12 v1r8 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-005051 - The macOS system must restrict the ability to utilize external writeable media devices. | DISA STIG Apple macOS 12 v1r8 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| APPL-13-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple macOS 13 v1r3 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-ND-000660 - The Arista network device must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Arista MLS EOS 4.2x NDM v1r1 | Arista | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - group | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - host | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - user | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm - group | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm - host | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm - user | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - md5 | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp authenticate | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp server | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp server prefer | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp trusted-key | DISA STIG Cisco ASA NDM v1r6 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Cisco IOS XE Router NDM v2r9 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001130 - The Cisco switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Cisco IOS XE Switch NDM v2r8 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| DTOO279 - Outlook - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Office 2010 Outlook v1r13 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO279 - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Microsoft Outlook 2013 v1r13 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO279 - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO280 - Outlook - Authentication with Exchange Server must be required. | DISA STIG Office 2010 Outlook v1r13 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server. | DISA STIG Microsoft Outlook 2013 v1r13 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000210 - The FortiGate device must authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000215 - The FortiGate device must authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| JUEX-NM-000480 - The Juniper EX switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA Juniper EX Series Network Device Management v1r4 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-NM-000490 - The Juniper EX switch must use an an NTP service that is hosted by a trusted source or a DOD-compliant enterprise or local NTP server. | DISA Juniper EX Series Network Device Management v1r4 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-001120 - The Juniper router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Juniper Router NDM v2r3 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-001140 - The Juniper router must be configured to authenticate NTP sources using authentication that is cryptographically based | DISA STIG Juniper Router NDM v2r3 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| O365-OU-000001 - The Exchange client authentication with Exchange servers must be enabled to use Kerberos Password Authentication. | DISA STIG Microsoft Office 365 ProPlus v2r11 | Windows | IDENTIFICATION AND AUTHENTICATION |
| O365-OU-000002 - Outlook must use remote procedure call (RPC) encryption to communicate with Microsoft Exchange servers. | DISA STIG Microsoft Office 365 ProPlus v2r11 | Windows | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. - snmpv1 | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. - snmpv2c | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. - snmpv3 | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| VCSA-70-000253 - The vCenter server must enforce SNMPv3 security features where SNMP is required. | DISA STIG VMware vSphere 7.0 vCenter v1r2 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-70-000265 - The vCenter server must disable SNMPv1/2 receivers. | DISA STIG VMware vSphere 7.0 vCenter v1r2 | VMware | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001120 - WebSphere Application Server must authenticate all endpoint devices before establishing a local, remote, network connection | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001120 - WebSphere Application Server must authenticate all endpoint devices before establishing a local, remote, network connection | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001120 - WebSphere Application Server must authenticate all endpoint devices before establishing a local, remote, network connection | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000165 - Unauthenticated RPC clients must be restricted from connecting to the RPC server. | DISA Windows 11 STIG v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-SO-000090 - Windows Server 2019 computer account password must not be prevented from being reset. | DISA Windows Server 2019 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-MS-000040 - Windows Server 2022 must restrict unauthenticated Remote Procedure Call (RPC) clients from connecting to the RPC server on domain-joined member servers and standalone or nondomain-joined systems. | DISA Windows Server 2022 STIG v1r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-SO-000090 - Windows Server 2022 computer account password must not be prevented from being reset. | DISA Windows Server 2022 STIG v1r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
