| 1.016 - Security configuration tools or equivalent processes must be used to configure and maintain platforms for security compliance. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.006 - Floppy media devices are not allocated upon user logon. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 3.095 - The system is configured to redirect ICMP. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| 4.006 - Users must be forcibly disconnected when their logon hours expire. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.210 - Device Install - Generic Driver Error Report | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| DG0015-ORACLE11 - Database applications should be restricted from using static DDL statements to modify the application schema. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account - 'Oracle base directory file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account - 'Oracle home directory file permissions are correct' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0019-ORACLE11 - Application software should be owned by a Software Application account. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DG0087-ORACLE11 - Sensitive data should be labeled. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DG0089-ORACLE11 - Developers should not be assigned excessive privileges on production databases. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | ACCESS CONTROL |
| DG0091-ORACLE11 - Custom and GOTS application source code stored in the database should be protected with encryption or encoding. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DG0104-ORACLE11 - DBMS service identification should be unique and clearly identifies the service - 'All Oracle services use the proper naming' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DG0104-ORACLE11 - DBMS service identification should be unique and clearly identifies the service. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO0145-ORACLE11 - OS DBA group membership should be restricted to authorized accounts. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | ACCESS CONTROL |
| DO0145-ORACLE11 - OS DBA group membership should be restricted to authorized accounts. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | ACCESS CONTROL |
| DO0157-ORACLE11 - Database application user accounts should be denied storage usage for object creation within the database. | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| DO0221-ORACLE11 - The Oracle SID should not be the default SID - 'No default instance names exist' | DISA STIG Oracle 11 Instance v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Database | OracleDB | CONFIGURATION MANAGEMENT |
| DO0430-ORACLE11 - The Oracle Management Agent should be uninstalled if not required and authorized or is installed on a database accessible from the Internet. | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DO6746-ORACLE11 - The Oracle listener.ora file should specify IP addresses rather than host names to identify hosts - '%ORACLE_HOME%\NETWORK\ADMIN\listener.ora HOST does not use hostname' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| DO6746-ORACLE11 - The Oracle listener.ora file should specify IP addresses rather than host names to identify hosts - '$ORACLE_HOME/network/admin/listener.ora HOST entroes do not use hostnames' | DISA STIG Oracle 11 Installation v9r1 Linux | Unix | CONFIGURATION MANAGEMENT |
| DTBI750 - Updates to web site lists from Microsoft must be disallowed. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | CONFIGURATION MANAGEMENT |
| GEN000510 - The system must display a publicly-viewable pattern during a graphical desktop environment session lock. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001290 - All manual page files must not have extended ACLs - '/usr/share/info/*' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN001440 - All interactive users must be assigned a home directory in the /etc/passwd file. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| WA000-WI070 IIS6 - Indexing Services must only index web content. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WI120 IIS6 - The Content Location header must not contain proprietary IP addresses. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WA000-WWA030 A22 - The httpd.conf MaxSpareServers directive must be set properly. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG130 A22 - All utility programs, not necessary for operations, must be removed or disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG130 A22 - All utility programs, not necessary for operations, must be removed or disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG130 IIS6 - Programs and features not necessary for operations must be removed. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG130 W22 - All utility programs, not necessary for operations, must be removed or disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG265 A22 - The required DoD banner page must be displayed to authenticated users accessing a DoD private website. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | ACCESS CONTROL |
| WG265 W22 - The required DoD banner page must be displayed to authenticated users accessing a DoD private website. | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | ACCESS CONTROL |
| WG420 IIS6 - Backup interactive scripts must be removed from the web site. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG420 W22 - Backup interactive scripts on the production web server must be prohibited. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - cgi-bin | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - cgi-bin | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - html | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WG490 A22 - Java software on production web servers must be limited to class files and the JAVA virtual machine - html | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WG490 IIS6 - Java software installed on the web server must be limited to class files and the JAVA virtual machine. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'Alias - *.java' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'DocumentRoot - *.java' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'ScriptAlias - *.java' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'ScriptAlias - *.jpp' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG490 W22 - Java software on production web servers must be limited to class files and the JAVA virtual machine. - 'ScriptAlias_Match - *.java' | DISA STIG Apache Site 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
| WG520 A22 - Web server and/or operating system information must be protected. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WG520 IIS6 - Web server and/or operating system information must be protected. | DISA STIG IIS 6.0 Server v6r16 | Windows | CONFIGURATION MANAGEMENT |
