| DKER-EE-001000 - The Docker Enterprise Per User Limit Login Session Control in the Universal Control Plane (UCP) Admin Settings must be set to an organization-defined value for all accounts and/or account types. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | ACCESS CONTROL |
| EX16-MB-000060 - Exchange Audit record parameters must be set. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | AUDIT AND ACCOUNTABILITY |
| EX16-MB-000070 - Exchange Circular Logging must be disabled. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | AUDIT AND ACCOUNTABILITY |
| GEN002752 - The audit system must be configured to audit account disabling - flags +ua and -ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN002752 - The audit system must be configured to audit account disabling - naflags ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN002753 - The audit system must be configured to audit account termination - naflags +ua and -ua | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GOOG-09-003400 - The Google Android Pie must be configured to display the DoD advisory warning message at start-up or each time the user unlocks the device. | AirWatch - DISA Google Android 9.x v2r1 | MDM | ACCESS CONTROL |
| IIST-SV-000205 - The IIS 10.0 web server must enable HTTP Strict Transport Security (HSTS) | DISA IIS 10.0 Server v2r10 | Windows | CONFIGURATION MANAGEMENT |
| IIST-SV-000210 - HTTPAPI Server version must be removed from the HTTP Response Header information. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| JUNI-RT-000460 - The Juniper BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM) - Interfaces | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000550 - The Juniper BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer - prefix-length-range | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000570 - The Juniper MPLS router must be configured to use its loopback address as the source address for LDP peering sessions. | DISA STIG Juniper Router RTR v3r1 | Juniper | CONTINGENCY PLANNING |
| JUNI-RT-000690 - The Juniper PE router must be configured to implement Protocol Independent Multicast (PIM) snooping for each Virtual Private LAN Services (VPLS) bridge domain. | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000810 - The Juniper multicast Rendezvous Point (RP) router must be configured to limit the multicast forwarding cache so that its resources are not saturated by managing an overwhelming number of Protocol Independent Multicast (PIM) and Multicast Source Discovery Protocol (MSDP) source-active entries - suppress | DISA STIG Juniper Router RTR v3r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000930 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to limit the amount of source-active messages it accepts on per-peer basis. | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL |
| OH12-1X-000094 - OHS must have the LoadModule vhost_alias_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000096 - OHS must have the LoadModule mime_magic_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000112 - OHS must have the LoadModule dir_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000117 - OHS must have the IfModule cgid_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000141 - OHS must have the LoadModule usertrack_module directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000198 - OHS must have the HostnameLookups directive enabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000206 - OHS must have the RewriteLog directive set properly. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 412 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 502 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL6-00-000004 - The system must use a separate file system for the system audit data path. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000025 - All device files must be monitored by the system Linux Security Module. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000071 - The system must be configured so all network connections associated with a communication session are terminated at the end of the session or after 15 minutes of inactivity from the user at a command prompt, except to fulfill documented and validated mission requirements. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000171 - The audit system must be configured to audit all attempts to alter system time through clock_settime - b32 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000182 - The audit system must be configured to audit modifications to the systems network configuration - '/etc/issue.net' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000183 - The audit system must be configured to audit modifications to the systems Mandatory Access Control (MAC) configuration (SELinux) - SELinux | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000184 - The audit system must be configured to audit all discretionary access control permission modifications using chmod, fchmod, and fchmodat - b64 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000185 - The audit system must be configured to audit all discretionary access control permission modifications using chown, fchown, fchownat, and lchown - b32 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000190 - The audit system must be configured to audit all discretionary access control permission modifications using setxattr, lsetxattr, fsetxattr, removexattr, lremovexattr, and fremovexattr - b32 auid=0 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000197 - The audit system must be configured to audit failed attempts to access files and programs - b64 EACCES auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000199 - The audit system must be configured to audit successful file system mounts - b64 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000200 - The audit system must be configured to audit user deletions of files and programs - b64 auid>=500 | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000268 - The rdisc service must not be running - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000273 - The system must use SMB client signing for connecting to samba servers using mount.cifs. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000276 - The operating system must protect the confidentiality and integrity of data at rest. | DISA STIG Oracle Linux 6 v2r7 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL6-00-000294 - All GIDs referenced in /etc/passwd must be defined in /etc/group. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000299 - The system must require passwords to contain no more than three consecutive repeating characters - password-auth | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000319 - The system must limit users to 10 simultaneous system logins, or a site-defined number, in accordance with operational requirements. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000339 - The FTP daemon must be configured for logging or verbose mode - 'xferlog_enable' | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL6-00-000342 - The system default umask for the bash shell must be 077. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000525 - Auditing must be enabled at boot by setting a kernel parameter. | DISA STIG Oracle Linux 6 v2r7 | Unix | AUDIT AND ACCOUNTABILITY |
| OL07-00-021320 - The Oracle Linux operating system must use a separate file system for /var. | DISA Oracle Linux 7 STIG v2r14 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-021340 - The Oracle Linux operating system must use a separate file system for /tmp (or equivalent) - or equivalent. | DISA Oracle Linux 7 STIG v2r14 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-040600 - For Oracle Linux operating systems using DNS resolution, at least two name servers must be configured - immutable. | DISA Oracle Linux 7 STIG v2r14 | Unix | CONFIGURATION MANAGEMENT |
| SQL4-00-039100 - The SQL Server Browser service must be disabled if its use is not necessary.. | DISA STIG SQL Server 2014 Instance OS Audit v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-CC-000040 - Windows Server 2019 source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing. | DISA Windows Server 2019 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT |
