| AMLS-NM-000210 - The Arista Multilayer Switch must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | CONFIGURATION MANAGEMENT |
| AOSX-15-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
| AS24-U2-000360 - The Apache web server must be configured to use a specified IP address and port. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | CONFIGURATION MANAGEMENT |
| AS24-W2-000360 - The Apache web server must be configured to use a specified IP address and port - Zero IPs Only | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | CONFIGURATION MANAGEMENT |
| CISC-ND-000470 - The Cisco router must be configured to prohibit the use of all unnecessary and nonsecure functions and services. | DISA STIG Cisco IOS Router NDM v3r2 | Cisco | CONFIGURATION MANAGEMENT |
| DKER-EE-002160 - Docker Enterprise incoming container traffic must be bound to a specific host interface. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| F5BI-LT-000071 - The BIG-IP Core implementation must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocol, and Service Management (PPSM) Category Assurance List (CAL) and vulnerability assessments. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | CONFIGURATION MANAGEMENT |
| IIST-SI-000219 - Each IIS 10.0 website must be assigned a default host header. | DISA IIS 10.0 Site v2r10 | Windows | CONFIGURATION MANAGEMENT |
| IISW-SI-000219 - Each IIS 8.5 website must be assigned a default host header. | DISA IIS 8.5 Site v2r9 | Windows | CONFIGURATION MANAGEMENT |
| JBOS-AS-000255 - JBoss application and management ports must be approved by the PPSM CAL. | DISA JBoss EAP 6.3 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| JUSX-DM-000109 - For nonlocal maintenance sessions, the Juniper SRX Services Gateway must remove or explicitly deny the use of nonsecure protocols. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000115 - The Juniper SRX Services Gateway must be configured with only one local user account to be used as the account of last resort. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | CONFIGURATION MANAGEMENT |
| O112-C2-001700 - The DBMS must support the disabling of network protocols deemed by the organization to be non-secure. | DISA STIG Oracle 11.2g v2r5 Windows | Windows | CONFIGURATION MANAGEMENT |
| OH12-1X-000173 - OHS must be configured to use a specified IP address, port, and protocol - httpd.conf | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OH12-1X-000173 - OHS must be configured to use a specified IP address, port, and protocol - ssl.conf | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless it is being used to query the Oracle Unbreakable Linux Network for updates and information - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless it is being used to query the Oracle Unbreakable Linux Network for updates and information - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000124 - The Datagram Congestion Control Protocol (DCCP) must be disabled unless required. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000203 - The xinetd service must be disabled if no network services utilizing it are enabled - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000204 - The xinetd service must be uninstalled if no network services utilizing it are enabled. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000221 - The ypbind service must not be running - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000261 - The Automatic Bug Reporting Tool (abrtd) service must not be running - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000265 - The ntpdate service must not be running - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000265 - The ntpdate service must not be running - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000266 - The oddjobd service must not be running - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000266 - The oddjobd service must not be running - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000268 - The rdisc service must not be running - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless using RHN or an RHN Satellite - 'CHKCONFIG'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000009 - The Red Hat Network Service (rhnsd) service must not be running, unless using RHN or an RHN Satellite - 'PROCESS_CHECK'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000125 - The Stream Control Transmission Protocol (SCTP) must be disabled unless required. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000203 - The xinetd service must be disabled if no network services utilizing it are enabled - PROCESS_CHECK. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000204 - The xinetd service must be uninstalled if no network services utilizing it are enabled. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000221 - The ypbind service must not be running - PROCESS | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000261 - The Automatic Bug Reporting Tool (abrtd) service must not be running - 'CHKCONFIG'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000262 - The atd service must be disabled - PROCESS_CHECK. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000265 - The ntpdate service must not be running - 'CHKCONFIG'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000266 - The oddjobd service must not be running - 'CHKCONFIG'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000267 - The qpidd service must not be running - CHKCONFIG. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000267 - The qpidd service must not be running - PROCESS_CHECK. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000268 - The rdisc service must not be running - 'PROCESS_CHECK'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-251015 - The firewalld service on RHEL 9 must be active. | DISA Red Hat Enterprise Linux 9 STIG v2r3 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SLES-15-010220 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SQL4-00-017400 - SQL Server must be configured to prohibit or restrict the use of unauthorized network protocols. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL4-00-017410 - SQL Server must be configured to prohibit or restrict the use of unauthorized network ports. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | CONFIGURATION MANAGEMENT |
| SQL6-D0-007700 - SQL Server must be configured to prohibit or restrict the use of organization-defined ports, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG SQL Server 2016 Instance OS Audit v3r2 | Windows | CONFIGURATION MANAGEMENT |
| WDNS-CM-000029 - The Windows 2012 DNS Server must be configured to prohibit or restrict unapproved ports and protocols. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SV-000105 - The Telnet service must be disabled if installed. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN16-00-000390 - The Telnet Client must not be installed. | DISA Windows Server 2016 STIG v2r9 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000330 - Windows Server 2019 must not have the Microsoft FTP service installed unless required by the organization. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000360 - Windows Server 2019 must not have the Telnet Client installed. | DISA Microsoft Windows Server 2019 STIG v3r3 | Windows | CONFIGURATION MANAGEMENT |
