| AIX7-00-002140 - The AIX /etc/hosts file must be owned by root. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002143 - AIX cron and crontab directories must have a mode of 0640 or less permissive. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002145 - The AIX /etc/syslog.conf file must be group-owned by system. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AIX7-00-002147 - The AIX /var/spool/cron/atjobs directory must be owned by root or bin. | DISA STIG AIX 7.x v3r1 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-000002 - The macOS system must retain the session lock until the user reestablishes access using established identification and authentication procedures. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - minutesUntilFailedLoginReset | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-11-000023 - The macOS system must display the Standard Mandatory DoD Notice and Consent Banner before granting remote access to the operating system. | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000031 - The macOS system must be configured so that log folders must not contain access control lists (ACLs). | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-000051 - The macOS system must be configured with the SSH daemon ClientAliveInterval option set to 900 or less. | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-000053 - The macOS system must be configured with the SSH daemon LoginGraceTime set to 30 or less. | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-001012 - The macOS system must be configured with audit log files owned by root. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001013 - The macOS system must be configured with audit log folders owned by root. | DISA STIG Apple macOS 11 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001029 - The macOS system must allocate audit record storage capacity to store at least one week's worth of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001044 - The macOS system must generate audit records for DoD-defined events such as successful/unsuccessful logon attempts, successful/unsuccessful direct access attempts, starting and ending time for user access, and concurrent logons to the same account from different sources. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-002001 - The macOS system must be configured to disable SMB File Sharing unless it is required. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002004 - The macOS system must be configured to disable Location Services. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002004 - The macOS system must be configured to disable Location Services. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002005 - The macOS system must be configured to disable Bonjour multicast advertising. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002007 - The macOS system must be configured to disable Internet Sharing. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002007 - The macOS system must be configured to disable Internet Sharing. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002008 - The macOS system must be configured to disable Web Sharing. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002021 - The macOS system must be configured to disable sending diagnostic and usage data to Apple. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002037 - The macOS system must be configured to disable the Cloud Storage Setup services. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002066 - The macOS system must not allow an unattended or automatic logon to the system. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - Access Control List | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User directory groups | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User directory home permissions | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003012 - The macOS system must be configured to prevent displaying password hints. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003051 - The macOS system must be configured so that the su command requires smart card authentication. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-004002 - The macOS system must be configured with system log files set to mode 640 or less permissive - asl | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-11-004002 - The macOS system must be configured with system log files set to mode 640 or less permissive - asl | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Configuring an automatic logout for idle sessions - TMSH | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Configuring CIDR Network Addresses for the BIG-IP packet filter - enabled | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Mitigating risk from SSH brute force login attacks - Monitor login attempts | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| Modifying the list of ciphers and MAC and key exchange algorithms used by the SSH service on the BIG-IP system or BIG-IQ system | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| MYS8-00-001800 - The MySQL Database Server 8.0 must be able to generate audit records when privileges/permissions are retrieved. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002400 - The MySQL Database Server 8.0 must generate audit records when privileges/permissions are added. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-002500 - The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to add privileges/permissions occur. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-003000 - The MySQL Database Server 8.0 must generate audit records when categories of information (e.g., classification levels/security levels) are modified. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-004000 - The MySQL Database Server 8.0 must generate audit records for all privileged activities or other system-level access. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-004300 - The MySQL Database Server 8.0 must generate audit records when concurrent logons/connections by the same user from different workstations. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-005500 - The MySQL Database Server 8.0 must be configured in accordance with the security configuration settings based on DoD security configuration and implementation guidance, including STIGs, NSA configuration guides, CTOs, DTMs, and IAVMs. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MYS8-00-005800 - Unused database components which are integrated in the MySQL Database Server 8.0 and cannot be uninstalled must be disabled. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | CONFIGURATION MANAGEMENT |
| MYS8-00-006500 - The MySQL Database Server 8.0 must isolate security functions from non-security functions. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-006600 - Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-006800 - Access to database files must be limited to relevant processes and to authorized, administrative users. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-008100 - The MySQL Database Server 8.0 must protect its audit configuration from unauthorized modification. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-008200 - The MySQL Database Server 8.0 must protect its audit features from unauthorized removal. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-009600 - The MySQL Database Server 8.0 must allocate audit record storage capacity in accordance with organization-defined audit record storage requirements. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | AUDIT AND ACCOUNTABILITY |
| MYS8-00-011500 - The MySQL Database Server 8.0 must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
