| AIOS-16-003000 - Apple iOS/iPadOS 16 must not allow backup to remote systems (iCloud) - iCloud. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-006800 - Apple iOS/iPadOS 16 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL |
| AIOS-16-006800 - Apple iOS/iPadOS 16 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL |
| AIOS-16-011700 - Apple iOS/iPadOS 16 must implement the management setting: Not share location data through iCloud. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-006800 - Apple iOS/iPadOS 17 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-009200 - Apple iOS/iPadOS 17 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-011300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-011700 - Apple iOS/iPadOS 17 must implement the management setting: not share location data through iCloud. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DOD security requirements. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-014700 - Apple iOS/iPadOS 17 must have DOD root and intermediate PKI certificates installed. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-707400 - Apple iOS/iPadOS 17 allow list must be configured to not include applications with the following characteristics: | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIX7-00-002142 - The AIX /etc/hosts file must have a mode of 0640 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002150 - The AIX cron and crontab directories must be group-owned by cron. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-000003 - The macOS system must initiate the session lock no more than five seconds after a screen saver is started. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000003 - The macOS system must initiate the session lock no more than five seconds after a screen saver is started. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-11-000004 - The macOS system must initiate a session lock after a 15-minute period of inactivity. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-11-000023 - The macOS system must display the Standard Mandatory DoD Notice and Consent Banner before granting remote access to the operating system. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-11-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less. | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-001013 - The macOS system must be configured with audit log folders owned by root. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001014 - The macOS system must be configured with audit log files group-owned by wheel. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001029 - The macOS system must allocate audit record storage capacity to store at least one week's worth of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-002005 - The macOS system must be configured to disable Bonjour multicast advertising. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002006 - The macOS system must be configured to disable the UUCP service. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002022 - The macOS system must be configured to disable Remote Apple Events. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002023 - The macOS system must be configured to disable the application Calendar. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002035 - The macOS system must be configured to disable the Cloud Setup services. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002036 - The macOS system must be configured to disable the Privacy Setup services. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002060 - The macOS system must allow only applications that have a valid digital signature to run - EnableAssessment | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002060 - The macOS system must allow only applications that have a valid digital signature to run - Unsigned Applications | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002066 - The macOS system must not allow an unattended or automatic logon to the system. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User directory home permissions | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User subdirectory Public Access Control Lists | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003013 - Apple macOS must be configured with a firmware password to prevent access to single user mode and booting from alternative media. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003013 - Apple macOS must be configured with a firmware password to prevent access to single user mode and booting from alternative media. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003050 - The macOS system must be configured so that the login command requires smart card authentication. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003050 - The macOS system must be configured so that the login command requires smart card authentication. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003052 - The macOS system must be configured so that the sudo command requires smart card authentication. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-004001 - The macOS system must be configured with system log files owned by root and group-owned by wheel or admin - newsyslog | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-11-004001 - The macOS system must be configured with system log files owned by root and group-owned by wheel or admin - newsyslog | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-11-004002 - The macOS system must be configured with system log files set to mode 640 or less permissive - newsyslog | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-11-005050 - The macOS Application Firewall must be enabled - EnableFirewall | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-005050 - The macOS Application Firewall must be enabled - EnableFirewall | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-005051 - The macOS system must restrict the ability to utilize external writeable media devices. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Always accept important ICMP | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Review Packet-Filter Rules | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - Send ICMP error on packet reject | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| MYS8-00-001900 - The MySQL Database Server 8.0 must be able to generate audit records when unsuccessful attempts to retrieve privileges/permissions occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002200 - The MySQL Database Server 8.0 must generate audit records when categories of information (e.g., classification levels/security levels) are accessed. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002900 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to modify security objects occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003400 - The MySQL Database Server 8.0 must generate audit records when security objects are deleted. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
