| AIOS-13-010500 - Apple iOS/iPadOS must require a valid password be successfully entered before the mobile device data is unencrypted. | MobileIron - DISA Apple iOS/iPadOS 13 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-007600 - Apple iOS/iPadOS must implement the management setting: remove managed applications upon unenrollment from MDM (including sensitive and protected data). | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-007600 - Apple iOS/iPadOS must implement the management setting: remove managed applications upon unenrollment from MDM (including sensitive and protected data). | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-008900 - Apple iOS/iPadOS must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-14-008900 - Apple iOS/iPadOS must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-010500 - Apple iOS/iPadOS 16 must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-010500 - Apple iOS/iPadOS 16 must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest. | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest. | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest. | DISA STIG Apple macOS 12 v1r9 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-13-005020 - The macOS system must implement cryptographic mechanisms to protect the confidentiality and integrity of all information at rest. | DISA STIG Apple macOS 13 v1r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-14-005020 - The macOS system must enforce FileVault. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-15-005020 - The macOS system must enforce FileVault. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001130 - The DNSSEC keys used with the BIND 9.x implementation must be owned by a privileged account. | DISA BIND 9.x STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001131 - The DNSSEC keys used with the BIND 9.x implementation must be group owned by a privileged account. | DISA BIND 9.x STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-005400 - DB2 must protect the confidentiality and integrity of all information at rest. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000130 - The Exchange Public Folder database must not be overwritten by a restore. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000135 - Exchange Mailboxes must be retained until backups are complete. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000140 - The Exchange Mailbox database must not be overwritten by a restore. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000145 - Exchange email forwarding must be restricted. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000150 - Exchange email-forwarding SMTP domains must be restricted. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX16-MB-000300 - Exchange email-forwarding SMTP domains must be restricted. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SV-000137 - The production IIS 10.0 web server must utilize SHA2 encryption for the Machine Key. | DISA IIS 10.0 Server v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000400 - JBoss file permissions must be configured to protect the confidentiality and integrity of application files. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-002000 - Microsoft Android 11 must be configured to enable encryption for data at rest on removable storage media or alternately, the use of removable storage media must be disabled. | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-002000 - Microsoft Android 11 must be configured to enable encryption for data at rest on removable storage media or alternately, the use of removable storage media must be disabled. | AirWatch - DISA Microsoft Android 11 COBO v1r2 | MDM | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| O112-C2-018300 - The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O121-C2-018300 - The DBMS must take needed steps to protect data at rest and ensure confidentiality and integrity of application data. | DISA STIG Oracle 12c v3r1 Database | OracleDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000008 - Office applications must be configured to specify encryption type in password-protected Office 97-2003 files. | DISA STIG Microsoft Office 365 ProPlus v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-CO-000009 - Office applications must be configured to specify encryption type in password-protected Office Open XML files. | DISA STIG Microsoft Office 365 ProPlus v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010030 - All OL 8 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at-rest protection. | DISA Oracle Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PGS9-00-008300 - PostgreSQL must protect the confidentiality and integrity of all information at rest. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| PPS9-00-005700 - The EDB Postgres Advanced Server must protect the confidentiality and integrity of all information at rest. | EDB PostgreSQL Advanced Server OS Linux Audit v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-06-000276 - The operating system must protect the confidentiality and integrity of data at rest. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-231190 - RHEL 9 local disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SLES-12-010450 - All SUSE operating system persistent disk partitions must implement cryptographic mechanisms to prevent unauthorized disclosure or modification of all information that requires at rest protection. | DISA SLES 12 STIG v2r13 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060160 - The operating system must protect the confidentiality and integrity of information at rest. | DISA STIG Solaris 11 SPARC v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SOL-11.1-060160 - The operating system must protect the confidentiality and integrity of information at rest. | DISA STIG Solaris 11 X86 v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-024100 - The Database Master Key must be encrypted by the Service Master Key, where a Database Master Key is required and another encryption method has not been specified. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-024200 - Database Master Key passwords must not be stored in credentials within the database. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-024300 - Symmetric keys (other than the database master key) must use a DoD certificate to encrypt the key. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL4-00-024500 - The Service Master Key must be backed up, stored offline and off-site. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-001600 - The Database Master Key encryption password must meet DOD password complexity requirements. | DISA STIG SQL Server 2016 Database Audit v3r1 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-001700 - The Database Master Key must be encrypted by the Service Master Key, where a Database Master Key is required and another encryption method has not been specified. | DISA STIG SQL Server 2016 Database Audit v3r1 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-001800 - The Certificate used for encryption must be backed up and stored in a secure location that is not on the SQL Server. | DISA STIG SQL Server 2016 Database Audit v3r1 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-009500 - SQL Server must protect the confidentiality and integrity of all information at rest. | DISA STIG SQL Server 2016 Instance DB Audit v3r1 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010414 - Ubuntu operating systems handling data requiring 'data at rest' protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-231010 - Ubuntu 22.04 LTS must implement cryptographic mechanisms to prevent unauthorized disclosure and modification of all information that requires protection at rest. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-00-000250 - Windows 10 nonpersistent VM sessions must not exceed 24 hours. | DISA Windows 10 STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-00-000250 - Windows Server 2022 systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest. | DISA Windows Server 2022 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
