| AMLS-NM-000150 - The Arista Multilayer Switch must automatically audit account removal actions. | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | ACCESS CONTROL |
| CASA-ND-000120 - The Cisco ASA must be configured to automatically audit account removal actions - Buffer Enabled | DISA STIG Cisco ASA NDM v2r1 | Cisco | ACCESS CONTROL |
| CASA-ND-000120 - The Cisco ASA must be configured to automatically audit account removal actions - logging enabled | DISA STIG Cisco ASA NDM v2r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000120 - The Cisco router must be configured to automatically audit account removal actions. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000120 - The Cisco router must be configured to automatically audit account removal actions. | DISA STIG Cisco IOS Router NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000120 - The Cisco switch must be configured to automatically audit account removal actions. | DISA STIG Cisco NX-OS Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000120 - The Cisco switch must be configured to automatically audit account removal actions. | DISA STIG Cisco IOS XE Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000120 - The Cisco switch must be configured to automatically audit account removal actions. | DISA STIG Cisco IOS Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| F5BI-DM-000025 - The BIG-IP appliance must automatically audit account removal actions. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | ACCESS CONTROL |
| FGFW-ND-000020 - The FortiGate device must automatically audit account removal actions | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/config USER_Remove exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/config USER_Remove exists' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/events USER_Remove exists' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - '/etc/security/audit/events USER_Remove exists' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'groupdel' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'groupdel' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'User audit class assignments should be reviewed' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'User audit class assignments should be reviewed' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'userdel' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - 'userdel' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - flags +ua and -ua | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - flags +ua and -ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - flags ua | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - flags ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - naflags +ua and -ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - naflags +ua and -ua | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - naflags ua | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - naflags ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| JUNI-ND-000120 - The Juniper router must be configured to automatically audit account removal actions. | DISA STIG Juniper Router NDM v3r1 | Juniper | ACCESS CONTROL |
| JUSX-DM-000018 - For local accounts created on the device, the Juniper SRX Services Gateway must automatically generate log records for account removal events. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/group' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/gshadow' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/passwd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/security/opasswd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/shadow' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| PHTN-30-000045 - The Photon operating system must audit all account removal actions. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | ACCESS CONTROL |
| PHTN-40-000078 The Photon operating system must audit all account removal actions. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| PHTN-67-000047 - The Photon operating system must audit all account removal actions - groupdel | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| PHTN-67-000047 - The Photon operating system must audit all account removal actions - userdel | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| RHEL-06-000177 - The operating system must automatically audit account termination - /etc/group. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000177 - The operating system must automatically audit account termination - /etc/gshadow. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000177 - The operating system must automatically audit account termination - /etc/passwd. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000177 - The operating system must automatically audit account termination - /etc/security/opasswd. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000177 - The operating system must automatically audit account termination - /etc/shadow. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| SOL-11.1-010270 - The operating system must automatically audit account termination. | DISA STIG Solaris 11 SPARC v3r1 | Unix | ACCESS CONTROL |
| SOL-11.1-010270 - The operating system must automatically audit account termination. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL |
| UBTU-20-010103 - The Ubuntu operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-22-654135 - Ubuntu 22.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| UBTU-22-654145 - Ubuntu 22.04 LTS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| WN22-AU-000110 - Windows Server 2022 must be configured to audit Account Management - User Account Management successes. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
