| ADBP-XI-000290 - Adobe Acrobat Pro XI must be configured to block Flash Content. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-01-080002 - Apple iOS must lock the display after 15 minutes (or less) of inactivity. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | ACCESS CONTROL |
| AIOS-01-100100 - Apple iOS must be configured to wipe all sensitive DoD data and PII data during a remote wipe command from the MDM server. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-02-080014 - Apple iOS must not allow non-DoD applications to access DoD data. | MobileIron - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-03-080102 - Apple iOS must implement the management setting: not allow Exchange messages to be forwarded or moved to other accounts. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-000200 - The mobile operating system must be configured to not allow passwords that include more than two repeating or sequential characters. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-14-000300 - The mobile operating system must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | AirWatch - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL |
| AIOS-14-000400 - The mobile operating system must be configured to not allow more than ten consecutive failed authentication attempts. | MobileIron - DISA Apple iOS/iPadOS 14 v1r3 | MDM | ACCESS CONTROL |
| AIOS-15-003000 - Apple iOS/iPadOS 15 must not allow backup to remote systems (iCloud). | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-003300 - Apple iOS/iPadOS 15 must not allow backup to remote systems (iCloud Keychain). | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-003400 - Apple iOS/iPadOS 15 must not allow backup to remote systems (My Photo Stream). | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-003700 - Apple iOS/iPadOS 15 must not allow backup to remote systems (enterprise books). | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-006700 - Apple iOS/iPadOS 15 must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-006900 - Apple iOS/iPadOS 15 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-009200 - Apple iOS/iPadOS 15 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-010700 - Apple iOS/iPadOS 15 must implement the management setting: Encrypt iTunes backups/Encrypt local backup. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011900 - Apple iOS/iPadOS 15 users must complete required training. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012000 - A managed photo app must be used to take and store work-related photos. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012000 - A managed photo app must be used to take and store work-related photos. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012600 - Apple iOS/iPadOS 15 must implement the management setting: disable paired Apple Watch. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012600 - Apple iOS/iPadOS 15 must implement the management setting: disable paired Apple Watch. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013200 - The Apple iOS/iPadOS 15 must be supervised by the MDM. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-014400 - Apple iOS/iPadOS 15 must disable connections to Siri servers for the purpose of dictation. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-014600 - Apple iOS/iPadOS 15 must disable copy/paste of data from managed to unmanaged applications. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-006600 - Apple iOS/iPadOS 16 must be configured to not allow passwords that include more than four repeating or sequential characters. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-007200 - Apple iOS/iPadOS 16 must not include applications with the following characteristics: access to Siri when the device is locked. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-010200 - Apple iOS/iPadOS 16 must be configured to disable ad hoc wireless client-to-client connection capability. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-011100 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow Shared Albums. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-706800 - Apple iOS/iPadOS 16 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-16-706900 - Apple iOS/iPadOS 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-011300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-706700 - Apple iOS/iPadOS 17 must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-706700 - Apple iOS/iPadOS 17 must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-706800 - Apple iOS/iPadOS 17 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-706900 - Apple iOS/iPadOS 17 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-707000 - Apple iOS/iPadOS 17 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-711300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-711300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-714700 - Apple iOS/iPadOS 17 must have DOD root and intermediate PKI certificates installed. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| APPL-15-005160 - The macOS system must disable Apple Intelligence Writing Tools. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| ARST-L2-000060 - The Arista MLS layer 2 switch must have BPDU Guard enabled on all switch ports connecting to access layer switches and hosts. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-L2-000220 - The Arista MLS layer 2 switch must have the native VLAN assigned to an ID other than the default VLAN for all 802.1q trunk links. | DISA STIG Arista MLS EOS 4.2x L2S v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000020 - The Arista BGP router must be configured to reject inbound route advertisements for any Bogon prefixes. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000370 - The Arista perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000480 - The PE router providing MPLS Layer 2 Virtual Private Network (L2VPN) services must be configured to authenticate targeted Label Distribution Protocol (LDP) sessions used to exchange virtual circuit (VC) information using a FIPS-approved message authentication code algorithm. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | IDENTIFICATION AND AUTHENTICATION |
| ARST-RT-000510 - The Arista router must be configured to have gratuitous ARP disabled on all external interfaces. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000540 - The Arista router must be configured to have Internet Control Message Protocol (ICMP) mask replies disabled on all external interfaces. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000590 - The Arista multicast Designated Router (DR) must be configured to increase the shortest-path tree (SPT) threshold or set it to infinity to minimalize source-group (S, G) state within the multicast topology where Any Source Multicast (ASM) is deployed. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000750 - The PE router must be configured to have each VRF with the appropriate Route Distinguisher (RD). | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | CONTINGENCY PLANNING |
