| 1.2.3 Ensure gpgcheck is globally activated - CA that is recognized and approved by the organization. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 1.2.6 Ensure software packages have been digitally signed by a Certificate Authority (CA) - CA that is recognized and approved by the organization. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| 6.1.1 Audit system file permissions | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002064 - The macOS system must have the security assessment policy subsystem enabled. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| DTAVSEL-201 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to receive all patches, service packs and updates from a DoD-managed source. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | CONFIGURATION MANAGEMENT |
| DTAVSEL-201 - The McAfee VirusScan Enterprise must be configured to receive all patches, service packs and updates from a DoD-managed source. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | CONFIGURATION MANAGEMENT |
| DTOO127 - Access - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Word 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Add-ins to Office applications must be signed by a Trusted Publisher. | DISA STIG Microsoft Project 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Excel - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - InfoPath - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - PowerPoint - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Publisher - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO127 - Word - Application add-ins must be signed by Trusted Publisher. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Access - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Access v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Excel - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Excel v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - InfoPath - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - PowerPoint - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 PowerPoint v1r11 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Publisher - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Publisher v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked | DISA STIG Microsoft Office Access 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked | DISA STIG Microsoft Publisher 2016 v1r3 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Visio 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Project 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft Word 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Microsoft PowerPoint 2016 v1r1 | Windows | CONFIGURATION MANAGEMENT |
| DTOO131 - Word - Trust Bar Notifications for unsigned application add-ins must be blocked. | DISA STIG Office 2010 Word v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO159 - InfoPath - Disabling of Fully Trusted Solutions access to computers must be configured. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
| DTOO177 - Office System - Access to updates, add-ins, and patches on Office.com must be disabled. | DISA STIG Office System 2010 v1r13 | Windows | CONFIGURATION MANAGEMENT |
| DTOO297 - InfoPath - A form that is digitally signed must be displayed with a warning. | DISA STIG Office 2010 InfoPath v1r12 | Windows | CONFIGURATION MANAGEMENT |
| PHTN-30-000059 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000060 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000061 - The Photon operating system YUM repository must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000062 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000063 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000064 - The Photon operating system RPM package management tool must cryptographically verify the authenticity of all software packages during installation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010019 - The Red Hat Enterprise Linux operating system must ensure cryptographic verification of vendor software packages. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| VCFL-67-000012 - vSphere Client application files must be verified for their integrity. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000015 - VAMI server binaries and libraries must be verified for their integrity. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-70-000008 - Lookup Service application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-70-000009 - Lookup Service must only run one webapp. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-67-000009 - Performance Charts must only run one web app. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCPF-70-000008 - Performance Charts application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-67-000009 - The Security Token Service must only run one web app. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-67-000008 - vSphere UI application files must be verified for their integrity. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-67-000009 - vSphere UI plugins must be authorized before use. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-70-000008 - vSphere UI application files must be verified for their integrity. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | CONFIGURATION MANAGEMENT |
