| AIOS-17-010600 - Apple iOS/iPadOS 17 must implement the management setting: not allow automatic completion of Safari browser passcodes. | MobileIron - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-011900 - Apple iOS/iPadOS 17 users must complete required training. | AirWatch - DISA Apple iOS/iPadOS 17 v2r2 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-711200 - iPhone and iPad must have the latest available iOS/iPadOS operating system installed. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2 | MDM | CONFIGURATION MANAGEMENT |
| APPL-14-002110 - The macOS system must disable Bluetooth sharing. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Calendar.app | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Mail App | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Big Sur - Disable Mail App | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Calendar.app | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Calendar.app | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Mail App | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Mail App | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Disable Mail App | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| DB2X-00-003700 - Access to external executables must be disabled or restricted | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | CONFIGURATION MANAGEMENT |
| DKER-EE-001880 - The Docker Enterprise self-signed certificates in Docker Trusted Registry (DTR) must be replaced with DoD trusted, signed certificates. | DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-002020 - Docker Enterprise CPU priority must be set appropriately on all containers. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-002030 - All Docker Enterprise containers root filesystem must be mounted as read only. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-002040 - Docker Enterprise host devices must not be directly exposed to containers. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-002070 - The Docker Enterprise default seccomp profile must not be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-002080 - Docker Enterprise exec commands must not be used with privileged option. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-002130 - The Docker Enterprise socket must not be mounted inside any containers. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DTBC-0004 - Sites ability to show pop-ups must be disabled. | DISA Google Chrome Current Windows STIG v2r11 | Windows | CONFIGURATION MANAGEMENT |
| DTBI091-IE11 - Java permissions must be configured with High Safety (Trusted Sites zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI121-IE11 - Java permissions must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI126-IE11 - Functionality to drag and drop or copy and paste files must be disallowed (Restricted Sites zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI133-IE11 - Active scripting must be disallowed (Restricted Sites Zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI318-IE11 - Internet Explorer must be set to disallow users to add/delete sites. | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI385-IE11 - Script-initiated windows without size or position constraints must be disallowed (Internet zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI435-IE11 - Java permissions must be disallowed (Locked Down Intranet zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI495-IE11 - Pop-up Blocker must be enforced (Internet zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI605-IE11 - Internet Explorer Processes for MK protocol must be enforced (iexplore). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI725-IE11 - Turn on the auto-complete feature for user names and passwords on forms must be disabled. | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI810-IE11 - When uploading files to a server, the local directory path must be excluded (Internet zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI840-IE11 - Cross-Site Scripting Filter must be enforced (Internet zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI860-IE11 - When uploading files to a server, the local directory path must be excluded (Restricted Sites zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI910-IE11 - Status bar updates via script must be disallowed (Internet zone). | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| DTBI1110-IE11 - Enabling outdated ActiveX controls for Internet Explorer must be blocked. | DISA STIG IE 11 v2r5 | Windows | CONFIGURATION MANAGEMENT |
| EX13-CA-000095 - Exchange IMAP4 service must be disabled. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EX13-CA-000105 - Exchange must have the Public Folder virtual directory removed if not in use by the site. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| GOOG-09-003500 - The Google Android Pie must be configured to disable USB mass storage mode. | AirWatch - DISA Google Android 9.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-10-003500 - Google Android 10 must be configured to disable USB mass storage mode. | MobileIron - DISA Google Android 10.x v2r1 | MDM | CONFIGURATION MANAGEMENT |
| MD3X-00-000280 - Unused database components, DBMS software, and database objects must be removed. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | CONFIGURATION MANAGEMENT |
| Monterey - Disable the Internet Accounts System Preference Pane | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable the Internet Accounts System Preference Pane | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| O112-C2-004400 - OS accounts utilized to run external procedures called by the DBMS must have limited privileges. | DISA STIG Oracle 11.2g v2r5 Linux | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000223 - The TFTP service must not be running - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000315 - The Bluetooth kernel module must be disabled - 'net-pf-31' | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-212050 - RHEL 9 must enable mitigations against processor-based vulnerabilities. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| RHEL-09-252025 - RHEL 9 must disable the chrony daemon from acting as a server. | DISA Red Hat Enterprise Linux 9 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| SQL4-00-016835 - SQL Server must have the Data Quality Services software component removed if it is unused. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-017000 - Unused database components that are integrated in SQL Server and cannot be uninstalled must be disabled. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
