3.084 - The system is configured to use an unauthorized time server. - 'Type' - Domain | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
3.084 - The system is configured to use an unauthorized time server. - 'Type' - Non-domain | DISA Windows Vista STIG v6r41 | Windows | AUDIT AND ACCOUNTABILITY |
AIOS-01-080007 - Apple iOS must not allow passwords that include more than two repeating or sequential characters. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
AIOS-02-080007 - Apple iOS must disable automatic transfer of diagnostic data to an external device other than an enrolled MDM service. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
AIOS-02-080008 - Apple iOS must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
AIOS-02-080101 - Apple iOS must not allow backup to remote systems (enterprise books). | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
AIOS-11-080203 - Apple iOS must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
AIOS-14-003300 - The mobile operating system must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL |
AIOS-15-008400 - Apple iOS/iPadOS 15 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
AIOS-15-008400 - Apple iOS/iPadOS 15 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
AIOS-15-010800 - Apple iOS/iPadOS 15 must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
AIOS-15-010900 - Apple iOS/iPadOS 15 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
AIOS-15-012300 - Apple iOS/iPadOS 15 must not allow managed apps to write contacts to unmanaged contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
AIOS-15-012500 - Apple iOS/iPadOS 15 must implement the management setting: disable AirDrop. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
AIOS-16-011800 - Apple iOS/iPadOS 16 must implement the management setting: Force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
AIOS-16-011800 - Apple iOS/iPadOS 16 must implement the management setting: Force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
AIOS-17-012300 - Apple iOS/iPadOS 17 must not allow managed apps to write contacts to unmanaged contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
AIOS-17-710900 - Apple iOS/iPadOS 17 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
AIOS-17-710950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
AIOS-17-711800 - Apple iOS/iPadOS 17 must implement the management setting: force Apple Watch wrist detection. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
AIOS-17-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
AIOS-18-008400 - Apple iOS/iPadOS 18 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | ACCESS CONTROL |
AIOS-18-010500 - Apple iOS/iPadOS 18 must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
AOSX-14-002054 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - HiddenPreferencePanes | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
APPL-12-005052 - The macOS system logon window must be configured to prompt for username and password, rather than show a list of users. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
ARST-RT-000080 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
ARST-RT-000180 - The Arista perimeter router must be configured to not redistribute static routes to an alternate gateway service provider into BGP or an IGP peering with the NIPRNet or to other autonomous systems. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
ARST-RT-000580 - The multicast Rendezvous Point (RP) Arista router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
ARST-RT-000780 - The Arista router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | CONFIGURATION MANAGEMENT |
CASA-VN-000520 - The Cisco ASA remote access VPN server must be configured to generate log records containing information to establish the source of the events. | DISA STIG Cisco ASA VPN v2r2 | Cisco | AUDIT AND ACCOUNTABILITY |
ESXI-67-000014 - The ESXi host SSH daemon must not permit root logins. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
ESXI-67-000018 - The ESXi host SSH daemon must not permit GSSAPI authentication. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
ESXI-67-000052 - The ESXi host must protect the confidentiality and integrity of transmitted information by using different TCP/IP stacks where possible. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
KNOX-07-018200 - The Samsung must be configured to Add the MDM Client application to the Battery optimizations modes Whitelist. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
KNOX-07-900300 - The Samsung must be configured to not allow Container passwords with more than two repeating or sequential characters. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
RHEL-07-010375 - The Red Hat Enterprise Linux operating system must restrict access to the kernel message buffer. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-15-010375 - The SUSE operating system must restrict access to the kernel message buffer. | DISA SLES 15 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-15-020020 - The SUSE operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL |
SLES-15-040200 - A separate file system must be used for SUSE operating system user home directories (such as /home or an equivalent). | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
SYMP-NM-000060 - Symantec ProxySG must display the Standard Mandatory DoD Notice and Consent Banner before granting access to the device. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | ACCESS CONTROL |
VCSA-70-000283 - The vCenter Server must disable Username/Password and Windows Integrated Authentication. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | CONFIGURATION MANAGEMENT |
VMCH-67-000003 - Paste operations must be disabled on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
VMCH-67-000009 - Unauthorized CD/DVD devices must be disconnected on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
VMCH-67-000023 - 3D features on the virtual machine must be disabled when not required. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
WBSP-AS-000380 - The WebSphere Application Server must generate log records when attempts to access subject privileges occur. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - notification | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
WBSP-AS-000670 - The WebSphere Application Server high availability applications must be configured to fail over in log subsystem failure. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
WBSP-AS-000940 - The WebSphere Application Server must remove JREs left by web server and plug-in installers in the DMZ. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
WBSP-AS-001580 - The WebSphere Application Server memory session settings must be defined according to application load requirements. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
ZEBR-10-003400 - Zebra Android 10 must be configured to display the DoD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Zebra Android 10 COPE v1r2 | MDM | ACCESS CONTROL |