| BIND-9X-001055 - A BIND 9.x server implementation must prohibit recursion on authoritative name servers - options allow-query | DISA BIND 9.x STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000040 - The Cisco switch must manage excess bandwidth to limit the effects of packet flooding types of denial-of-service (DoS) attacks - DoS attacks. | DISA STIG Cisco IOS XE Switch L2S v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-L2-000040 - The Cisco switch must manage excess bandwidth to limit the effects of packet-flooding types of denial-of-service (DoS) attacks. | DISA STIG Cisco IOS Switch L2S v3r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-AG-000124 - The Juniper SRX Services Gateway Firewall must block outbound traffic containing known and unknown denial-of-service (DoS) attacks to protect against the use of internal information systems to launch any DoS attacks against other networks or endpoints - DoS attacks against other networks or endpoints. | DISA Juniper SRX Services Gateway ALG v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-IP-000005 - The Juniper Networks SRX Series Gateway IDPS must block outbound traffic containing known and unknown DoS attacks by ensuring that rules are applied to outbound communications traffic. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-IP-000006 - The Juniper Networks SRX Series Gateway IDPS must block outbound traffic containing known and unknown DoS attacks by ensuring that signature-based objects are applied to outbound communications traffic. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-AG-000047 - The Palo Alto Networks security platform must protect against the use of internal systems for launching denial-of-service (DoS) attacks against external networks or endpoints - DoS attacks against other networks or endpoints. | DISA STIG Palo Alto ALG v3r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-AG-000047 - The Palo Alto Networks security platform must protect against the use of internal systems from launching Denial of Service (DoS) attacks against other networks or endpoints. | DISA STIG Palo Alto ALG v2r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-AG-000049 - The Palo Alto Networks security platform must block phone home traffic. | DISA STIG Palo Alto ALG v3r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-AG-000049 - The Palo Alto Networks security platform must block phone home traffic. | DISA STIG Palo Alto ALG v2r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-AG-000102 - The Palo Alto Networks security platform must protect against Denial of Service (DoS) attacks by employing rate-based attack prevention behavior analysis (traffic thresholds). | DISA STIG Palo Alto ALG v2r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-AG-000112 - The Palo Alto Networks security platform must detect use of network services that have not been authorized or approved by the ISSM and ISSO, at a minimum. | DISA STIG Palo Alto ALG v2r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| PANW-IP-000018 - The Palo Alto Networks security platform must have a denial-of-service (DoS) Protection Profile for outbound traffic applied to a policy for traffic originating from the internal zone going to the external zone. | DISA STIG Palo Alto IDPS v3r1 | Palo_Alto | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-030410 - An application firewall must protect against or limit the effects of Denial of Service (DoS) attacks by ensuring the Ubuntu operating system is implementing rate-limiting measures on impacted network interfaces - DoS attacks | DISA STIG Ubuntu 16.04 LTS v2r1 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010504 - The Ubuntu operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010504 - The Ubuntu operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010512 - The Ubuntu operating system must configure the uncomplicated firewall to rate-limit impacted network interfaces. | DISA STIG Ubuntu 18.04 LTS v2r2 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-18-010512 - The Ubuntu operating system must configure the uncomplicated firewall to rate-limit impacted network interfaces. | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-CC-000220 - Turning off File Explorer heap termination on corruption must be disabled. | DISA Windows 10 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN10-CC-000220 - Turning off File Explorer heap termination on corruption must be disabled. | DISA Windows 10 STIG v2r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000090 - Turning off File Explorer heap termination on corruption must be disabled. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000090 - Turning off File Explorer heap termination on corruption must be disabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000090 - Turning off File Explorer heap termination on corruption must be disabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000090 - Turning off File Explorer heap termination on corruption must be disabled. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000090 - Turning off File Explorer heap termination on corruption must be disabled. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000041 - The system must be configured to limit how often keep-alive packets are sent. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000041 - The system must be configured to limit how often keep-alive packets are sent. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000041 - The system must be configured to limit how often keep-alive packets are sent. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000041 - The system must be configured to limit how often keep-alive packets are sent. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000041 - The system must be configured to limit how often keep-alive packets are sent. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP). | DISA Windows Server 2012 and 2012 R2 MS STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP). | DISA Windows Server 2012 and 2012 R2 MS STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP). | DISA Windows Server 2012 and 2012 R2 MS STIG v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000047 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000047 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000047 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000047 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000047 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000047 - IPv6 TCP data retransmissions must be configured to prevent resources from becoming exhausted. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000048 - The system must limit how many times unacknowledged TCP data is retransmitted. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r3 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000048 - The system must limit how many times unacknowledged TCP data is retransmitted. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000048 - The system must limit how many times unacknowledged TCP data is retransmitted. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000048 - The system must limit how many times unacknowledged TCP data is retransmitted. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-SO-000048 - The system must limit how many times unacknowledged TCP data is retransmitted. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNFWA-000005 - The Windows Firewall must allow outbound connections when connected to a domain. | DISA Microsoft Windows Firewall v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNFWA-000013 - The Windows Firewall must allow outbound connections when connected to a private network | DISA Microsoft Windows Firewall v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WNFWA-000021 - The Windows Firewall must allow outbound connections when connected to a public network | DISA Microsoft Windows Firewall v1r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
