| ARST-RT-000020 - The Arista BGP router must be configured to reject inbound route advertisements for any Bogon prefixes. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000080 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000180 - The Arista perimeter router must be configured to not redistribute static routes to an alternate gateway service provider into BGP or an IGP peering with the NIPRNet or to other autonomous systems. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| DTBI515 - Web sites in less privileged web content zones must be disallowed to navigate into the Internet zone. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| DTBI520 - Web sites in less privileged web content zones must be disallowed to navigate into the Restricted Site zone. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0300 - The system must not have the bootp service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003600 - The system must not forward IPv4 source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003602 - The system must not process ICMP timestamp requests. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003603 - The system must not respond to ICMPv4 echoes sent to a broadcast address. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003604 - The system must not respond to ICMP timestamp requests sent to a broadcast address. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003605 - The system must not apply reversed source routing to TCP responses. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003606 - The system must prevent local applications from generating source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003607 - The system must not accept source-routed IPv4 packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003608 - Proxy ARP must not be enabled on the system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003610 - The system must not send IPv4 ICMP redirects. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003860 - The system must not have the finger service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007700 - The IPv6 protocol handler must not be bound to the network stack unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007720 - The IPv6 protocol handler must be prevented from dynamic loading unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007760 - Proxy Neighbor Discovery Protocol (NDP) must not be enabled on the system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007780 - The system must not have 6to4 enabled. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007820 - The system must not have IP tunnels configured - 'ifconfig -a' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007820 - The system must not have IP tunnels configured - 'lstun -a' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007860 - The system must ignore IPv6 ICMP redirect messages. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007880 - The system must not send IPv6 ICMP redirects. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007900 - The system must use an appropriate reverse-path filter for IPv6 network traffic, if the system uses IPv6. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007920 - The system must not forward IPv6 source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007940 - The system must not accept source-routed IPv6 packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
