| 3.084 - The system is configured to use an unauthorized time server. - 'Type' - Domain | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| 3.084 - The system is configured to use an unauthorized time server. - 'Type' - Non-domain | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
| AIOS-01-080007 - Apple iOS must not allow passwords that include more than two repeating or sequential characters. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-02-080007 - Apple iOS must disable automatic transfer of diagnostic data to an external device other than an enrolled MDM service. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-02-080008 - Apple iOS must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-02-080101 - Apple iOS must not allow backup to remote systems (enterprise books). | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-11-080203 - Apple iOS must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-003300 - The mobile operating system must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL |
| AIOS-15-008400 - Apple iOS/iPadOS 15 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-008400 - Apple iOS/iPadOS 15 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-010800 - Apple iOS/iPadOS 15 must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-010900 - Apple iOS/iPadOS 15 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012300 - Apple iOS/iPadOS 15 must not allow managed apps to write contacts to unmanaged contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012500 - Apple iOS/iPadOS 15 must implement the management setting: disable AirDrop. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-011800 - Apple iOS/iPadOS 16 must implement the management setting: Force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-011800 - Apple iOS/iPadOS 16 must implement the management setting: Force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-012300 - Apple iOS/iPadOS 17 must not allow managed apps to write contacts to unmanaged contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-710900 - Apple iOS/iPadOS 17 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-710950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-711800 - Apple iOS/iPadOS 17 must implement the management setting: force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-002054 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - HiddenPreferencePanes | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-005052 - The macOS system logon window must be configured to prompt for username and password, rather than show a list of users. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-15-004050 - The macOS system must configure install.log retention to 365. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| ARST-RT-000080 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000180 - The Arista perimeter router must be configured to not redistribute static routes to an alternate gateway service provider into BGP or an IGP peering with the NIPRNet or to other autonomous systems. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000580 - The multicast Rendezvous Point (RP) Arista router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000780 - The Arista router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | CONFIGURATION MANAGEMENT |
| CASA-VN-000010 - The Cisco ASA must be configured to generate log records containing information to establish what type of VPN events occurred - vpnc | DISA STIG Cisco ASA VPN v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-VN-000520 - The Cisco ASA remote access VPN server must be configured to generate log records containing information to establish the source of the events - vpn | DISA STIG Cisco ASA VPN v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000236 - The Cisco router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA STIG Cisco IOS-XR Router RTR v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| EX19-MB-000042 Exchange circular logging must be disabled. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| F5BI-AP-000239 - The F5 BIG-IP appliance must be configured to set the 'Max In Progress Sessions per Client IP' value to 10 or less. | DISA F5 BIG-IP Access Policy Manager STIG v2r3 | F5 | ACCESS CONTROL |
| F5BI-DM-000290 - If the BIG-IP appliance is being used to authenticate users for web applications, the HTTPOnly flag must be set. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| JRE8-UX-000060 - Oracle JRE 8 must default to the most secure built-in setting - deployment.security.level | DISA STIG Oracle JRE 8 Unix v1r3 | Unix | CONFIGURATION MANAGEMENT |
| JUEX-L2-000150 - The Juniper EX switch must be configured to enable Storm Control on all host-facing access interfaces. | DISA Juniper EX Series Layer 2 Switch v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000980 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to use its loopback address as the source address when originating MSDP traffic. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| OL08-00-010171 - OL 8 must have the 'policycoreutils' package installed. | DISA Oracle Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-020024 - OL 8 must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA Oracle Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| OL08-00-040004 - OL 8 must enable mitigations against processor-based vulnerabilities. | DISA Oracle Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010375 - The Red Hat Enterprise Linux operating system must restrict access to the kernel message buffer. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010171 - RHEL 8 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010375 - RHEL 8 must restrict access to the kernel message buffer. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010471 - RHEL 8 must enable the hardware random number generator entropy gatherer service. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010542 - RHEL 8 must use a separate file system for the system audit data path. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-030602 - RHEL 8 must allocate an audit_backlog_limit of sufficient size to capture processes that start prior to the audit daemon. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-09-412040 - RHEL 9 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-09-651030 - RHEL 9 must be configured so that the file integrity tool verifies Access Control Lists (ACLs). | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| WBSP-AS-001470 - The WebSphere Application Server must be configured to perform complete application deployments when using A/B clusters. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001580 - The WebSphere Application Server memory session settings must be defined according to application load requirements. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
