| ADBP-XI-001305 - Adobe Acrobat Pro XI Webmail must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| ADBP-XI-001310 - The Adobe Acrobat Pro XI Welcome Screen must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-17-008400 - Apple iOS/iPadOS 17 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-010900 - Apple iOS/iPadOS 17 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-010950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-011800 - Apple iOS/iPadOS 17 must implement the management setting: force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-012300 - Apple iOS/iPadOS 17 must not allow managed apps to write contacts to unmanaged contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-710900 - Apple iOS/iPadOS 17 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | ACCESS CONTROL |
| APPL-11-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - DisableBluetooth | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - HiddenPreferencePanes | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-002009 - The macOS system must be configured to disable AirDrop. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-005053 - The macOS system must restrict the ability of individuals to write to external optical media. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-005053 - The macOS system must restrict the ability of individuals to write to external optical media. | DISA STIG Apple macOS 13 v1r4 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-004050 - The macOS system must configure install.log retention to 365. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| ARST-L2-000230 - The Arista MLS layer 2 switch must not have any switch ports assigned to the native VLAN. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000070 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000140 - The Arista multicast edge router must be configured to establish boundaries for administratively scoped multicast traffic. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000150 - The Arista router must be configured to have all inactive interfaces disabled. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000520 - The Arista router must be configured to have IP directed broadcast disabled on all interfaces. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| Configuring a pre-login or post-login message banner for the BIG-IP or Enterprise Manager system - Banner Enabled | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| ESXI-67-000002 - The ESXi host must verify the DCUI.Access list. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-67-000067 - All ESXi host-connected physical switch ports must be configured with spanning tree disabled. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-80-000207 The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports. | DISA VMware vSphere 8.0 ESXi STIG OS v2r1 | Unix | CONFIGURATION MANAGEMENT |
| KNOX-07-000200 - The Samsung must be configured to not allow passwords with more than two repeating or sequential characters - Characters | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-000200 - The Samsung must be configured to not allow passwords with more than two repeating or sequential characters - Numbers | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-000600 - The Samsung Android 7 with Knox must be configured to not allow more than 10 consecutive failed authentication attempts. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | ACCESS CONTROL |
| KNOX-07-005700 - The Samsung must be configured to disable automatic transfer of diagnostic data. Disable Google Crash Report. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-913400 - The Samsung must implement the setting: Configure to prohibit more than 10 failed Container authentication attempts. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| SPLK-CL-000080 - Splunk Enterprise must display the Standard Mandatory DOD Notice and Consent Banner before granting access to the server. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | ACCESS CONTROL |
| UBTU-20-010400 - The Ubuntu operating system must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | ACCESS CONTROL |
| UBTU-22-215020 - Ubuntu 22.04 LTS must not have the 'systemd-timesyncd' package installed. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | CONFIGURATION MANAGEMENT |
| VMCH-67-000001 - Copy operations must be disabled on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000020 - System administrators must use templates to deploy virtual machines whenever possible. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000002 - Drag and drop operations must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000015 - Informational messages from the virtual machine to the VMX file must be limited on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-70-000018 - Shared salt values must be disabled on the virtual machine (VM). | DISA STIG VMware vSphere 7.0 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-80-000192 Virtual machines (VMs) must have paste operations disabled. | DISA VMware vSphere 8.0 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-80-000199 Virtual machines (VMs) must have shared salt values disabled. | DISA VMware vSphere 8.0 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-80-000200 Virtual machines (VMs) must disable access through the "dvfilter" network Application Programming Interface (API). | DISA VMware vSphere 8.0 Virtual Machine STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| WN10-CC-000080 - Virtualization-based protection of code integrity must be enabled. | DISA Windows 10 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000085 - Standard local user accounts must not exist on a system in a domain. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000197 - Microsoft consumer experiences must be turned off. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000220 - File Explorer heap termination on corruption must be disabled. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000390 - Windows 11 must be configured to prevent users from receiving suggestions for third-party or additional applications. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| ZEBR-10-011000 - Zebra Android 10 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Zebra Android 10 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-11-003400 - Zebra Android 11 must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device. | AirWatch - DISA Zebra Android 11 COBO v1r3 | MDM | ACCESS CONTROL |
| ZEBR-11-006100 - Zebra Android 11 must be configured to generate audit records for the following auditable events: Detected integrity violations. | MobileIron - DISA Zebra Android 11 COBO v1r3 | MDM | AUDIT AND ACCOUNTABILITY |
| ZEBR-11-011000 - Zebra Android 11 devices must be configured to disable the use of third-party keyboards. | AirWatch - DISA Zebra Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-11-011100 - Zebra Android 11 devices must be configured to enable Common Criteria Mode (CC Mode). | AirWatch - DISA Zebra Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
