| ADBP-XI-001280 - Adobe Acrobat Pro XI Default Handler changes must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| ADBP-XI-001325 - Adobe Acrobat Pro XI privileged site locations must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| APPL-11-000006 - The macOS system must conceal, via the session lock, information previously visible on the display with a publicly viewable image. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| ARST-RT-000060 - The Arista BGP router must be configured to reject route advertisements from BGP peers that do not list their autonomous system (AS) number as the first AS in the AS_PATH attribute. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000100 - The Arista BGP router must be configured to reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000320 - The PE router must be configured to enforce a Quality-of-Service (QoS) policy in accordance with the QoS GIG Technical Profile. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000142 The Exchange Global Recipient Count Limit must be set. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| FNFG-FW-000150 - The FortiGate firewall must generate an alert that can be forwarded to, at a minimum, the Information System Security Officer (ISSO) and Information System Security Manager (ISSM) when denial-of-service (DoS) incidents are detected - enc-algorithm | DISA Fortigate Firewall STIG v1r3 | FortiGate | SYSTEM AND INFORMATION INTEGRITY |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/infopage/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/info' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/man/*' | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001440 - All interactive users must be assigned a home directory in the /etc/passwd file. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN001780 - Global initialization files must contain the 'mesg -n' or 'mesg n' commands - '/etc/bashrc' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001780 - Global initialization files must contain the 'mesg -n' or 'mesg n' commands - '/etc/suid_profile' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002500 - The sticky bit must be set on all public directories. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002715 - System audit tool executables must be owned by root - '/sbin/aureport' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/sbin/ausearch' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditmerge' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/usr/sbin/auditpr' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/audit' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditpr' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditstream' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by root, bin, sys, or system - '/sbin/auditctl' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditpr' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/aureport' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/ausearch' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditmerge' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.daily/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003620 - A separate file system must be used for user home directories (such as /home or equivalent). | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN004440 - Sendmail logging must not be set to less than nine in the sendmail.cf file. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN004560 - The SMTP service's SMTP greeting must not provide version information. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| JUEX-NM-000490 - The Juniper EX switch must use an an NTP service that is hosted by a trusted source or a DOD-compliant enterprise or local NTP server. | DISA Juniper EX Series Network Device Management v2r1 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| JUEX-RT-000320 - The Juniper MPLS router with RSVP-TE enabled must be configured to enable refresh reduction features. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-005200 - The mobile operating system must allow only the Administrator (MDM) to perform the following management function: Enable/disable location services. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL |
| OL08-00-010440 - YUM must remove all software components after updated versions have been installed on OL 8. | DISA Oracle Linux 8 STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-40-000112 The Photon operating system must immediately notify the SA and ISSO when allocated audit record storage volume reaches 75 percent of the repository maximum audit record storage capacity. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-08-010440 - YUM must remove all software components after updated versions have been installed on RHEL 8. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-214035 - RHEL 9 must remove all software components after updated versions have been installed. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SPLK-CL-000020 - Splunk Enterprise must notify the system administrator (SA) and information system security officer (ISSO) when account events are received (creation, deletion, modification, or disabling) - creation, deletion, modification, or disabling. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | ACCESS CONTROL |
| SPLK-CL-000120 - The System Administrator (SA) and Information System Security Manager (ISSM) must configure the retention of the log records based on the defined security plan. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS | Unix | AUDIT AND ACCOUNTABILITY |
| SPLK-CL-000180 - Splunk Enterprise must notify the System Administrator (SA) or Information System Security Officer (ISSO) if communication with the host and devices within its scope of coverage is lost. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | AUDIT AND ACCOUNTABILITY |
| SQL2-00-012600 - SQL Server itself, or the logging or alerting mechanism the application utilizes, must provide a warning when allocated audit record storage volume reaches an organization-defined percentage of maximum audit record storage capacity. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | AUDIT AND ACCOUNTABILITY |
| SYMP-NM-000090 - Symantec ProxySG must generate an alert to the console when a log processing failure is detected such as loss of communications with the Central Log Server or log records are no longer being sent. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010300 - The Ubuntu operating system must have a crontab script running weekly to offload audit events of standalone systems. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010410 - The Ubuntu operating system must automatically expire temporary accounts within 72 hours. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | ACCESS CONTROL |
| UBTU-20-010441 - The Ubuntu operating system must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-631015 - Ubuntu 22.04 LTS must be configured such that Pluggable Authentication Module (PAM) prohibits the use of cached authentications after one day. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001520 - The WebSphere Application Server must not generate LTPA keys automatically. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001530 - The WebSphere Application Server must periodically regenerate LTPA keys. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
