| 1.1.3.10.2 Set 'Network access: Allow anonymous SID/Name translation' to 'Disabled' | CIS Windows 8 L1 v1.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 3.030 - Anonymous access to the registry must be restricted. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 12c DB Traditional Auditing v3.0.0 | OracleDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 4.1 Ensure All Default Passwords Are Changed | CIS Oracle Server 12c DB Unified Auditing v3.0.0 | OracleDB | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 4.005 - Unapproved Users have access to Debug programs. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 4.009 - Unauthorized users are granted right to Act as part of the operating system. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 4.027 - Only administrators responsible for the system must have Administrator rights on the system. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| 6.6.5 Ensure all Custom Login Classes Forbid Shell Access | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL |
| 6.10.3.2 Ensure XNM-SSL Connection Limit is Set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.3.3 Ensure XNM-SSL Rate Limit is Set | CIS Juniper OS Benchmark v2.1.0 L2 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.4.1 Ensure NETCONF Rate Limit is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.4.2 Ensure NETCONF Connection Limit is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 6.10.5.10 Ensure REST Service Address is Set | CIS Juniper OS Benchmark v2.1.0 L1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| APPL-13-002069 - The macOS system must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA STIG Apple macOS 13 v1r4 | Unix | ACCESS CONTROL |
| APPL-14-002069 - The macOS system must require administrator privileges to modify systemwide settings. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | ACCESS CONTROL |
| DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - group | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | ACCESS CONTROL |
| DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - group | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | ACCESS CONTROL |
| DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - user | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Managed Client v1r5 | Unix | ACCESS CONTROL |
| DTAVSEL-202 - The nails user and nailsgroup group must be restricted to the least privilege access required for the intended role - user | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | ACCESS CONTROL |
| DTOO201 - Office System - Connection verification of permissions must be enforced. | DISA STIG Office System 2010 v1r13 | Windows | ACCESS CONTROL |
| EPAS-00-007400 - The EDB Postgres Advanced Server must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | ACCESS CONTROL |
| GOOG-12-012200 - Google Android 12 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)]. | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | ACCESS CONTROL |
| GOOG-12-012200 - Google Android 12 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)]. | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | ACCESS CONTROL |
| GOOG-13-012200 - Google Android 13 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)] - for example, USB]. | MobileIron - DISA Google Android 13 COPE v2r1 | MDM | ACCESS CONTROL |
| GOOG-14-012200 - Google Android 14 must be configured to disable all data signaling over [assignment: list of externally accessible hardware ports (for example, USB)] - for example, USB]. | AirWatch - DISA Google Android 14 COBO v2r1 | MDM | ACCESS CONTROL |
| JUEX-NM-000930 - The Juniper EX switch must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA Juniper EX Series Network Device Management v2r1 | Juniper | ACCESS CONTROL |
| Monterey - Configure the System to Block Non-Privileged Users from Executing Privileged Functions | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL |
| MSFT-11-005200 - The mobile operating system must allow only the Administrator (MDM) to perform the following management function: Enable/disable location services. | MobileIron - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL |
| MSFT-11-005200 - The mobile operating system must allow only the Administrator (MDM) to perform the following management function: Enable/disable location services. | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | ACCESS CONTROL |
| PHTN-40-000105 The Photon operating system must enable symlink access control protection in the kernel. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-09-432010 - RHEL 9 must have the sudo package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL |
| WA00510 W22 - Web server status module must be disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | ACCESS CONTROL |
| WINRG-000001 - Standard user accounts must only have Read permissions to the Active Setup\Installed Components registry key. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| WN11-SO-000167 - Remote calls to the Security Account Manager (SAM) must be restricted to Administrators. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000005 - The 'Access Credential Manager as a trusted caller' user right must not be assigned to any groups or accounts. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000045 - The 'Create a token object' user right must not be assigned to any groups or accounts. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000110 - The 'Impersonate a client after authentication' user right must only be assigned to Administrators, Service, Local Service, and Network Service. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000145 - The 'Perform volume maintenance tasks' user right must only be assigned to the Administrators group. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000150 - The 'Profile single process' user right must only be assigned to the Administrators group. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000160 - The 'Restore files and directories' user right must only be assigned to the Administrators group. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN11-UR-000165 - The 'Take ownership of files or other objects' user right must only be assigned to the Administrators group. | DISA Windows 11 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-DC-000080 - Windows Server 2022 Active Directory SYSVOL directory must have the proper access control permissions. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-DC-000090 - Windows Server 2022 Active Directory Group Policy objects must have proper access control permissions. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-DC-000350 - Windows Server 2022 Add workstations to domain user right must only be assigned to the Administrators group on domain controllers. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-DC-000420 - Windows Server 2022 Enable computer and user accounts to be trusted for delegation user right must only be assigned to the Administrators group on domain controllers. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-MS-000010 - Windows Server 2022 must only allow administrators responsible for the member server or standalone or nondomain-joined system to have Administrator rights on the system. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-UR-000020 - Windows Server 2022 Act as part of the operating system user right must not be assigned to any groups or accounts. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-UR-000090 - Windows Server 2022 create symbolic links user right must only be assigned to the Administrators group. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
| WN22-UR-000120 - Windows Server 2022 generate security audits user right must only be assigned to Local Service and Network Service. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL |
