| AIOS-12-010500 - Apple iOS must require a valid password be successfully entered before the mobile device data is unencrypted. | AirWatch - DISA Apple iOS 12 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010500 - Apple iOS/iPadOS 17 must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010500 - Apple iOS/iPadOS 17 must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIX7-00-001048 - AIX must protect the confidentiality and integrity of all information at rest. | DISA STIG AIX 7.x v2r9 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enforce FileVault | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enforce FileVault | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enforce FileVault | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enforce FileVault | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enforce FileVault | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enforce FileVault | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Big Sur - Enforce FileVault | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001132 - Permissions assigned to the DNSSEC keys used with the BIND 9.x implementation must enforce read-only access to the key owner and deny access to all other users. | DISA BIND 9.x STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce FileVault | NIST macOS Catalina v1.5.0 - 800-171 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce FileVault | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce FileVault | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce FileVault | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce FileVault | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce FileVault | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Enforce FileVault | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DKER-EE-002660 - Docker Secrets must be used to store configuration files and small amounts of user-generated data (up to 500 kb in size) in Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBC-0039 - Browser history must be saved. | DISA STIG Google Chrome v2r9 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI042-IE11 - Userdata persistence must be disallowed (Internet zone). | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI132-IE11 - Userdata persistence must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Document metadata for password protected files must be protected. | DISA STIG Microsoft Office System 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO188 - Document metadata for password protected files must be protected. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO189 - The encryption type for password protected Open XML files must be set. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO189 - The encryption type for password protected Open XML files must be set. | DISA STIG Microsoft Office System 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set. | DISA STIG Microsoft Office System 2016 v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO190 - The encryption type for password protected Office 97 thru Office 2003 must be set. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO195 - Passwords for secured documents must be enforced. | DISA STIG Microsoft Office System 2013 v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000125 - Exchange Public Folder stores must be retained until backups are complete. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000270 - Exchange Mailboxes must be retained until backups are complete. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000290 - Exchange email forwarding must be restricted. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000300 - Exchange email-forwarding SMTP domains must be restricted. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SV-000137 - The production IIS 10.0 web server must utilize SHA2 encryption for the Machine Key. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SV-000137 - The production IIS 8.5 web server must utilize SHA2 encryption for the Machine Key. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000440 - MongoDB must protect the confidentiality and integrity of all information at rest. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD4X-00-003800 - MongoDB must protect the confidentiality and integrity of all information at rest. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Enforce FileVault | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-002000 - Microsoft Android 11 must be configured to enable encryption for data at rest on removable storage media or alternately, the use of removable storage media must be disabled. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-002000 - Microsoft Android 11 must be configured to enable encryption for data at rest on removable storage media or alternately, the use of removable storage media must be disabled. | MobileIron - DISA Microsoft Android 11 COBO v1r2 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000276 - The operating system must protect the confidentiality and integrity of data at rest. | DISA STIG Oracle Linux 6 v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-15-010330 - All SUSE operating system persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at-rest protection. | DISA SLES 15 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-021300 - SQL Server must protect data at rest and ensure confidentiality and integrity of data. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-024300 - Symmetric keys (other than the database master key) must use a DoD certificate to encrypt the key. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-009600 - The Service Master Key must be backed up and stored in a secure location that is not on the SQL Server. | DISA STIG SQL Server 2016 Instance DB Audit v3r1 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-009700 - The Master Key must be backed up and stored in a secure location that is not on the SQL Server. | DISA STIG SQL Server 2016 Instance DB Audit v3r1 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-SC-000024 - The Windows 2012 DNS Server must protect secret/private cryptographic keys while at rest. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
