| ADBP-XI-000290 - Adobe Acrobat Pro XI must be configured to block Flash Content. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-01-080002 - Apple iOS must lock the display after 15 minutes (or less) of inactivity. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL |
| AIOS-01-100100 - Apple iOS must be configured to wipe all sensitive DoD data and PII data during a remote wipe command from the MDM server. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-02-080014 - Apple iOS must not allow non-DoD applications to access DoD data. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-03-080102 - Apple iOS must implement the management setting: not allow Exchange messages to be forwarded or moved to other accounts. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| APPL-12-000001 - The macOS system must be configured to prevent Apple Watch from terminating a session lock. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL |
| APPL-12-000002 - The macOS system must retain the session lock until the user reestablishes access using established identification and authentication procedures. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL |
| APPL-12-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked. | DISA STIG Apple macOS 12 v1r9 | Unix | ACCESS CONTROL |
| APPL-12-000031 - The macOS system must be configured so that log folders must not contain access control lists (ACLs). | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less. | DISA STIG Apple macOS 12 v1r9 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-12-001015 - The macOS system must be configured with audit log folders group-owned by wheel. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-001016 - The macOS system must be configured with audit log files set to mode 440 or less permissive. | DISA STIG Apple macOS 12 v1r9 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-12-002001 - The macOS system must be configured to disable SMB File Sharing unless it is required. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-002008 - The macOS system must be configured to disable Web Sharing. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-002022 - The macOS system must be configured to disable Remote Apple Events. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-002035 - The macOS system must be configured to disable the Cloud Setup services. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-003012 - The macOS system must be configured to prevent displaying password hints. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| CASA-FW-000050 - The Cisco ASA must be configured to generate traffic log entries containing information to establish when (date and time) the events occurred. | DISA STIG Cisco ASA FW v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-FW-000100 - The Cisco ASA must be configured to use TCP when sending log records to the central audit server - Logging Host | DISA STIG Cisco ASA FW v2r1 | Cisco | CONFIGURATION MANAGEMENT |
| CASA-FW-000170 - The Cisco ASA perimeter firewall must be configured to filter traffic destined to the enclave in accordance with the specific traffic that is approved and registered in the Ports, Protocols, and Services Management (PPSM) Category Assurance List (CAL) and vulnerability assessments - Interface | DISA STIG Cisco ASA FW v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN000000-AIX0300 - The system must not have the bootp service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'NTP daemon is started at boot' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000580 - The system must require passwords to contain a minimum of 14 characters. | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000585 - The system must enforce the entire password during authentication - 'Verify no password hashes in the /etc/security/passwd' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000595 - Password hashes must have been generated using a FIPS 140-2 hashing algorithm - 'Verify no password hashes in /etc/passwd' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000640 - The system must require that passwords contain at least one special character. | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN005160 - Any X Windows host must write .Xauthority files. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN008020 - The LDAP TLS connection must require a certificate and this certificate has a valid path to a trusted CA - 'ldapsslkeyf exists' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN008050 - The /etc/ldap.conf file (or equivalent) must not contain passwords - 'bindpwd: is not unencrypted' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-213025 - Ubuntu 22.04 LTS must implement nonexecutable data to protect its memory from unauthorized code execution. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-232025 - Ubuntu 22.04 LTS must configure the '/var/log' directory to have mode '755' or less permissive. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-232080 - Ubuntu 22.04 LTS must configure the directories used by the system journal to be owned by 'root'. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-232135 - Ubuntu 22.04 LTS must configure the '/var/log/syslog' file to be group-owned by 'adm'. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-271015 - Ubuntu 22.04 LTS must display the Standard Mandatory DOD Notice and Consent Banner before granting local access to the system via a graphical user logon. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | ACCESS CONTROL |
| UBTU-22-412030 - Ubuntu 22.04 LTS must automatically exit interactive command shell user sessions after 15 minutes of inactivity. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | ACCESS CONTROL |
| UBTU-22-651025 - Ubuntu 22.04 LTS must be configured so that the script that runs each 30 days or less to check file integrity is the default. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-652010 - Ubuntu 22.04 LTS must be configured to preserve log records from failure events. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-653030 - Ubuntu 22.04 LTS must shut down by default upon audit failure. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654010 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the apparmor_parser command. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654015 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chacl command. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654020 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the chage command. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654065 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the mount command. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654070 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the newgrp command. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654115 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the umount command. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654195 - Ubuntu 22.04 LTS must generate audit records for the /var/log/btmp file. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654200 - Ubuntu 22.04 LTS must generate audit records for the /var/log/wtmp file. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654215 - Ubuntu 22.04 LTS must generate audit records for the use and modification of the lastlog file. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654220 - Ubuntu 22.04 LTS must generate audit records when successful/unsuccessful attempts to modify the /etc/sudoers file occur. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654225 - Ubuntu 22.04 LTS must generate audit records when successful/unsuccessful attempts to modify the /etc/sudoers.d directory occur. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
