| 1.006-01 - Policy must require that administrative user accounts not be used with applications that access the internet. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| DG0001-ORACLE11 - Vendor supported software is evaluated and patched against newly found vulnerabilities. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DG0001-ORACLE11 - Vendor supported software is evaluated and patched against newly found vulnerabilities. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0167-ORACLE11 - Sensitive data served by the DBMS should be protected by encryption when transmitted across the network. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DG0167-ORACLE11 - Sensitive data served by the DBMS should be protected by encryption when transmitted across the network. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DO3630-ORACLE11 - The Oracle Listener should be configured to require administration authentication - 'LSNRCTL Security' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | |
| DO3630-ORACLE11 - The Oracle Listener should be configured to require administration authentication - 'LSNRCTL Security' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | |
| DTBI002 - IE9 - The installed version of IE must be a supported version. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI050 IIS6 - Unused and vulnerable script mappings in IIS 6 must be removed. - '.HTR scripting Disallowed' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI050 IIS6 - Unused and vulnerable script mappings in IIS 6 must be removed. - 'Index Server Web Interface Disallowed' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI092 IIS6 - The IIS web site permissions 'Write' or 'Script Source' must not be selected. - 'Script Source permission check' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI092 IIS6 - The IIS web site permissions 'Write' or 'Script Source' must not be selected. - 'Write permission check' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WI6040 IIS6 - A unique non-privileged account must be used to run Worker Process Identities. - 'AppPoolIdentityType = 3 - WAMUserName' | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | ACCESS CONTROL |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - +Includes | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | ACCESS CONTROL |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - +Includes | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | ACCESS CONTROL |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - None | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - None | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - Options None | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| WA000-WWA054 A22 - Server side includes (SSIs) must run with execution capability disabled - Options None | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | ACCESS CONTROL |
| WA155 IIS6 - Classified web servers must be afforded physical security commensurate with the classification of its content. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONTINGENCY PLANNING |
| WA155 W22 - Classified web servers will be afforded physical security commensurate with the classification of its content. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | |
| WG190 A22 - Web server software must be a vendor-supported version. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG190 A22 - Web server software must be a vendor-supported version. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG190 IIS6 - The web server must use a vendor-supported version of the web server software. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WG190 W22 - The web server must use a vendor-supported version of the web server software. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WG195 IIS6 - Anonymous access accounts must be restricted. | DISA STIG IIS 6.0 Server v6r16 | Windows | ACCESS CONTROL |
| WG230 A22 - Web server administration must be performed over a secure path or at the local console. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG230 A22 - Web server administration must be performed over a secure path or at the local console. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG235 A22 - Web Administrators must only use encrypted connections for Document Root directory uploads. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG235 A22 - Web Administrators must only use encrypted connections for Document Root directory uploads. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG235 IIS6 - Web Administrators must secure encrypted connections for Document Root directory uploads. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | |
| WG235 W22 - Web Administrators must only use encrypted connections for Document Root directory uploads. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - alias | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - alias | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias match | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | |
| WG290 A22 - Web client access to the content directories must be restricted to read and execute - script alias match | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG360 A22 - Symbolic links must not be used in the web content directory tree - conf | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG360 A22 - Symbolic links must not be used in the web content directory tree - conf | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG360 A22 - Symbolic links must not be used in the web content directory tree - find | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG360 A22 - Symbolic links must not be used in the web content directory tree - find | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG385 A22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG385 A22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG385 IIS6 - All web server documentation, sample code, example applications, and tutorials must be removed. - 'Inetpub\AdminScripts' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG385 IIS6 - All web server documentation, sample code, example applications, and tutorials must be removed. - 'Inetpub\Iissamples' | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG385 W22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. - 'extra' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG385 W22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. - 'httpd-manual' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG385 W22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. - 'printenv' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG385 W22 - All web server documentation, sample code, example applications, and tutorials must be removed from a production web server. - 'test-cgi' | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
