| 19.7.4.2 (L1) Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| 19.7.4.2 Ensure 'Notify antivirus programs when opening attachments' is set to 'Enabled' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | ACCESS CONTROL, SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
| Big Sur - Disable Wi-Fi When Connected to Ethernet | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL |
| Catalina - Disable Wi-Fi When Connected to Ethernet | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL |
| DTBI515 - Web sites in less privileged web content zones must be disallowed to navigate into the Internet zone. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| DTBI520 - Web sites in less privileged web content zones must be disallowed to navigate into the Restricted Site zone. | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | ACCESS CONTROL |
| FNFG-FW-000005 - The FortiGate firewall must use filters that use packet headers and packet attributes, including source and destination IP addresses and ports. | DISA Fortigate Firewall STIG v1r3 | FortiGate | ACCESS CONTROL |
| GEN003600 - The system must not forward IPv4 source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003602 - The system must not process ICMP timestamp requests. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003603 - The system must not respond to ICMPv4 echoes sent to a broadcast address. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003604 - The system must not respond to ICMP timestamp requests sent to a broadcast address. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003605 - The system must not apply reversed source routing to TCP responses. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003606 - The system must prevent local applications from generating source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003607 - The system must not accept source-routed IPv4 packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003608 - Proxy ARP must not be enabled on the system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003610 - The system must not send IPv4 ICMP redirects. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN003860 - The system must not have the finger service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007700 - The IPv6 protocol handler must not be bound to the network stack unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007720 - The IPv6 protocol handler must be prevented from dynamic loading unless needed. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007760 - Proxy Neighbor Discovery Protocol (NDP) must not be enabled on the system. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007780 - The system must not have 6to4 enabled. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007820 - The system must not have IP tunnels configured - 'ifconfig -a' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007820 - The system must not have IP tunnels configured - 'lstun -a' | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007860 - The system must ignore IPv6 ICMP redirect messages. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007880 - The system must not send IPv6 ICMP redirects. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007900 - The system must use an appropriate reverse-path filter for IPv6 network traffic, if the system uses IPv6. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007920 - The system must not forward IPv6 source-routed packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN007940 - The system must not accept source-routed IPv6 packets. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| JUEX-RT-000040 - The Juniper BGP router must be configured to reject inbound route advertisements from a customer edge (CE) router for prefixes that are not allocated to that customer. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000070 - The Juniper router configured for Multicast Source Discovery Protocol (MSDP) must filter received source-active multicast advertisements for any undesirable multicast groups and sources. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000180 - The Juniper perimeter router must not be configured to be a Border Gateway Protocol (BGP) peer to an alternate gateway service provider. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000200 - The Juniper out-of-band management (OOBM) gateway router must be configured to have separate IGP instances for the managed network and management network. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| JUEX-RT-000230 - The Juniper multicast Rendezvous Point (RP) router must be configured to filter Protocol Independent Multicast (PIM) Join messages received from the Designated Router (DR) for any undesirable multicast groups. | DISA Juniper EX Series Router v2r1 | Juniper | ACCESS CONTROL |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - All Profiles | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Internet Sharing | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - 800-171 | Unix | ACCESS CONTROL |
| Monterey - Disable Wi-Fi When Connected to Ethernet | NIST macOS Monterey v1.0.0 - CNSSI 1253 | Unix | ACCESS CONTROL |
