| 5.123 - Restrict unauthenticated RPC clients. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 5.124 - Client computers required to authenticate for RPC communication. | DISA Windows Vista STIG v6r41 | Windows | IDENTIFICATION AND AUTHENTICATION |
| AMLS-L2-000140 - The Arista Multilayer Switch must re-authenticate all endpoint devices every 60 minutes or less - dot1x timeout reauth-period 3600 | DISA STIG Arista MLS DCS-7000 Series L2S v1r3 | Arista | IDENTIFICATION AND AUTHENTICATION |
| APPL-12-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple macOS 12 v1r9 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-005051 - The macOS system must restrict the ability to utilize external writeable media devices. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| APPL-13-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization. | DISA STIG Apple macOS 13 v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-ND-000660 - The Arista network device must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - group | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - host | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001050 - The Cisco ASA must be configured to authenticate Simple Network Management Protocol (SNMP) messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) - user | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm - group | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm - host | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001070 - The Cisco ASA must be configured to encrypt Simple Network Management Protocol (SNMP) messages using a FIPS 140-2 approved algorithm - user | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - md5 | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp authenticate | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp server | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp server prefer | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CASA-ND-001080 - The Cisco ASA must be configured to authenticate Network Time Protocol sources using authentication that is cryptographically based - ntp trusted-key | DISA STIG Cisco ASA NDM v2r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001130 - The Cisco router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001150 - The Cisco router must be configured to authenticate NTP sources using authentication that is cryptographically based. | DISA STIG Cisco IOS-XR Router NDM v3r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| CISC-ND-001150 - The Cisco switch must be configured to authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based. | DISA STIG Cisco NX-OS Switch NDM v3r1 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| DTOO279 - Outlook - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Office 2010 Outlook v1r13 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO279 - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Microsoft Outlook 2013 v1r13 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO279 - RPC encryption between Outlook and Exchange server must be enforced. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO280 - Outlook - Authentication with Exchange Server must be required. | DISA STIG Office 2010 Outlook v1r13 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server. | DISA STIG Microsoft Outlook 2013 v1r13 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DTOO280 - Outlook must be configured to force authentication when connecting to an Exchange server. | DISA STIG Microsoft Outlook 2016 v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| ESXI-80-000145 The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic. | DISA VMware vSphere 8.0 ESXi STIG v2r1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000210 - The FortiGate device must authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC) | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000215 - The FortiGate device must authenticate Network Time Protocol (NTP) sources using authentication that is cryptographically based. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| JUEX-NM-000480 - The Juniper EX switch must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA Juniper EX Series Network Device Management v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-NM-000490 - The Juniper EX switch must use an an NTP service that is hosted by a trusted source or a DOD-compliant enterprise or local NTP server. | DISA Juniper EX Series Network Device Management v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUNI-ND-001120 - The Juniper router must be configured to authenticate SNMP messages using a FIPS-validated Keyed-Hash Message Authentication Code (HMAC). | DISA STIG Juniper Router NDM v3r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000145 - The Palo Alto Networks security platform must authenticate Network Time Protocol sources - 'Primary NTP Server' | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000145 - The Palo Alto Networks security platform must authenticate Network Time Protocol sources - 'Secondary NTP Server' | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. - snmpv1 | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. - snmpv2c | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000240 - Symantec ProxySG must configure SNMPv3 so that cryptographically-based bidirectional authentication is used. - snmpv3 | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| VCSA-70-000253 - The vCenter server must enforce SNMPv3 security features where SNMP is required. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-70-000265 - The vCenter server must disable SNMPv1/2 receivers. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000253 The vCenter server must enforce SNMPv3 security features where SNMP is required. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000265 The vCenter server must disable SNMPv1/2 receivers. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001120 - WebSphere Application Server must authenticate all endpoint devices before establishing a local, remote, network connection | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001120 - WebSphere Application Server must authenticate all endpoint devices before establishing a local, remote, network connection | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001120 - WebSphere Application Server must authenticate all endpoint devices before establishing a local, remote, network connection | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000165 - Unauthenticated RPC clients must be restricted from connecting to the RPC server. | DISA Windows 11 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-SO-000110 - The computer account password must not be prevented from being reset. | DISA Windows Server 2016 STIG v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-MS-000040 - Windows Server 2022 must restrict unauthenticated Remote Procedure Call (RPC) clients from connecting to the RPC server on domain-joined member servers and standalone or nondomain-joined systems. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN22-SO-000090 - Windows Server 2022 computer account password must not be prevented from being reset. | DISA Windows Server 2022 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
