| F5BI-LT-000025 - The BIG-IP Core implementation must be configured to retain the Standard Mandatory DoD-approved Notice and Consent Banner on the screen until users accessing virtual servers acknowledge the usage conditions and take explicit actions to log on for further access. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | ACCESS CONTROL |
| RHEL-06-000200 - The audit system must be configured to audit user deletions of files and programs - unlinkat 32 bit | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000231 - The SSH daemon must set a timeout count on idle sessions. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | MAINTENANCE |
| RHEL-06-000261 - The Automatic Bug Reporting Tool (abrtd) service must not be running - 'PROCESS_CHECK'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000266 - The oddjobd service must not be running - 'PROCESS_CHECK'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000294 - All GIDs referenced in /etc/passwd must be defined in /etc/group | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000299 - The system must require passwords to contain no more than three consecutive repeating characters - system-auth. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000335 - The operating system must manage information system identifiers for users and devices by disabling the user identifier after an organization defined time period of inactivity. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-06-000339 - The FTP daemon must be configured for logging or verbose mode - 'xferlog_std_format = no'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-06-000516 - The system package management tool must verify ownership on all files and directories associated with packages. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000525 - Auditing must be enabled at boot by setting a kernel parameter - UEFI | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| RHEL-07-021330 - The Red Hat Enterprise Linux operating system must use a separate file system for the system audit data path. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| SLES-12-030310 - The SUSE operating system must be configured to use Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA SLES 12 STIG v2r13 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010340 - The audit system must be configured to audit failed attempts to access files and programs. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-010350 - The operating system must protect against an individual falsely denying having performed a particular action. In order to do so the system must be configured to send audit records to a remote audit server. | DISA STIG Solaris 11 SPARC v3r1 | Unix | AUDIT AND ACCOUNTABILITY |
| SOL-11.1-010360 - The auditing system must not define a different auditing level for specific users. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-020090 - The finger daemon package must not be installed. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-040270 - The value mesg n must be configured as the default setting for all users. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-040500 - The operating system must limit the number of concurrent sessions for each account to an organization-defined number of sessions. | DISA STIG Solaris 11 SPARC v3r1 | Unix | ACCESS CONTROL |
| SOL-11.1-050020 - The system must not respond to ICMP timestamp requests. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-050100 - The system must disable TCP reverse IP source routing. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-050120 - The system must set maximum number of incoming connections to 1024. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-050370 - The system must prevent local applications from generating source-routed packets. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-050380 - The operating system must display the DoD approved system use notification message or banner before granting access to the system for general system logons. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL |
| SOL-11.1-050380 - The operating system must display the DoD approved system use notification message or banner before granting access to the system for general system logons. | DISA STIG Solaris 11 SPARC v3r1 | Unix | ACCESS CONTROL |
| SOL-11.1-050430 - The FTP service must display the DoD approved system use notification message or banner before granting access to the system. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL |
| SOL-11.1-090040 - The system must not have any unnecessary accounts. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-090240 - All manual editing of system-relevant files shall be done using the pfedit command, which logs changes made to the files. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-100050 - The audit system must maintain a central audit trail for all zones. | DISA STIG Solaris 11 X86 v3r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-16-010930 - The Ubuntu operating system must use a separate file system for the system audit data path. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010314 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-18-010503 - The Ubuntu operating system must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000069 - Oracle WebLogic must generate audit records for the DoD-selected list of auditable events. | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000073 - Oracle WebLogic must produce process events and severity levels to establish what type of HTTPD-related events and severity levels occurred. | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000074 - Oracle WebLogic must produce audit records containing sufficient information to establish what type of JVM-related events and severity levels occurred. | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000075 - Oracle WebLogic must produce process events and security levels to establish what type of Oracle WebLogic process events and severity levels occurred. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000079 - Oracle WebLogic must produce audit records that contain sufficient information to establish the outcome (success or failure) of application server and application events. | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000083 - Oracle WebLogic must provide a real-time alert when organization-defined audit failure events occur - Module-HealthState | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000084 - Oracle WebLogic must alert designated individual organizational officials in the event of an audit processing failure - SMTP Notification | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - Module-HealthState | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000086 - Oracle WebLogic must notify administrative personnel as a group in the event of audit processing failure - SMTP Notification | Oracle WebLogic Server 12c Windows v2r1 | Windows | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000093 - Oracle WebLogic must use internal system clocks to generate time stamps for audit records. | Oracle WebLogic Server 12c Linux v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000093 - Oracle WebLogic must use internal system clocks to generate time stamps for audit records. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-02-000095 - Oracle WebLogic must protect audit information from any type of unauthorized read access. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-08-000210 - Oracle WebLogic must terminate the network connection associated with a communications session at the end of the session or after a DoD-defined time period of inactivity. | Oracle WebLogic Server 12c Linux v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-CC-000006 - All Direct Access traffic must be routed through the internal network. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-CC-000020 - An Error Report must not be sent when a generic device driver is installed. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000025 - Users must be warned in advance of their passwords expiring. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP). | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN12-UC-000006 - Toast notifications to the lock screen must be turned off. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
