| VCSA-80-000145 The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | ACCESS CONTROL |
| VCSA-80-000268 The vCenter Server must set the distributed port group Forged Transmits policy to "Reject". | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000272 The vCenter Server must configure all port groups to a value other than that of the native virtual local area network (VLAN). | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000279 The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating Internet Protocol (IP)-based storage traffic. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000285 The vCenter Server must restrict access to cryptographic permissions. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000287 The vCenter Server must have new Key Encryption Keys (KEKs) reissued at regular intervals for vSAN encrypted datastore(s). | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000291 The vCenter Server must limit membership to the "TrustedAdmins" Single Sign-On (SSO) group. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000302 The vCenter Server must reset port configuration when virtual machines are disconnected. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000303 The vCenter Server must disable Secure Shell (SSH) access. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000304 The vCenter Server must enable data in transit encryption for vSAN. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | CONFIGURATION MANAGEMENT |
| VCST-80-000142 The vCenter STS service default ROOT web application must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000151 The vCenter STS service must disable 'ALLOW_BACKSLASH'. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000154 The vCenter STS service manager webapp must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000155 The vCenter STS service host-manager webapp must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-80-000037 The vCenter UI service must be configured to use a specified IP address and port. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| WN10-CC-000063 - Windows 10 systems must use either Group Policy or an approved Mobile Device Management (MDM) product to enforce STIG compliance. | DISA Windows 10 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT |
| WN10-CC-000070 - Virtualization Based Security must be enabled on Windows 10 with the platform security level configured to Secure Boot or Secure Boot with DMA Protection. | DISA Windows 10 STIG v3r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000025 - Windows 11 must employ automated mechanisms to determine the state of system components with regard to flaw remediation using the following frequency: Continuously, where ESS is used; 30 days, for any additional internal network scans not covered by ESS; and annually, for external scans by Computer Network Defense Service Provider (CNDSP). | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000060 - Non-system-created file shares on a system must limit access to groups that require it. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-00-000105 - Simple Network Management Protocol (SNMP) must not be installed on the system. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000110 - Simple TCP/IP Services must not be installed on the system. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000125 - Copilot in Windows must be disabled for Windows 11 | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000165 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB server. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000175 - The Secondary Logon service must be disabled on Windows 11. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-AU-000054 - The system must be configured to audit Logon/Logoff - Account Lockout failures. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000075 - The system must be configured to audit Logon/Logoff - Logon successes. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000082 - Windows 11 must be configured to audit Object Access - File Share successes. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000084 - Windows 11 must be configured to audit Object Access - Other Object Access Events failures. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000115 - The system must be configured to audit Privilege Use - Sensitive Privilege Use successes. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000130 - The system must be configured to audit System - Other System Events successes. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000150 - The system must be configured to audit System - Security System Extension successes. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000155 - The system must be configured to audit System - System Integrity failures. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000550 - Windows 11 must be configured to audit Other Policy Change Events Successes. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000555 - Windows 11 must be configured to audit Other Policy Change Events Failures. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000560 - Windows 11 must be configured to audit other Logon/Logoff Events Successes. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-AU-000580 - Windows 11 must be configured to audit MPSSVC Rule-Level Policy Change Failures. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-CC-000037 - Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000038 - WDigest Authentication must be disabled. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000040 - Insecure logons to an SMB server must be disabled. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000044 - Internet connection sharing must be disabled. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000052 - Windows 11 must be configured to prioritize ECC Curves with longer key lengths first. | DISA Windows 11 STIG v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN11-CC-000055 - Simultaneous connections to the internet or a Windows domain must be limited. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000070 - Virtualization-based Security must be enabled on Windows 11 with the platform security level configured to Secure Boot or Secure Boot with DMA Protection. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000080 - Virtualization-based protection of code integrity must be enabled. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000295 - Attachments must be prevented from being downloaded from RSS feeds. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000320 - Users must be notified if a web-based program attempts to install software. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-CC-000327 - PowerShell Transcription must be enabled on Windows 11. | DISA Windows 11 STIG v2r2 | Windows | AUDIT AND ACCOUNTABILITY |
| WN11-CC-000391 - Internet Explorer must be disabled for Windows 11. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000025 - The built-in guest account must be renamed. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
