| 3.8 Configure MachineKey Validation Method - .Net 3.5 - Applications | CIS IIS 7 L1 v1.8.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.10 Ensure global .NET trust level is configured | CIS IIS 8.0 v1.5.1 Level 1 | Windows | ACCESS CONTROL |
| 3.10 Ensure global .NET trust level is configured - Applications | CIS IIS 7 L1 v1.8.0 | Windows | ACCESS CONTROL |
| 3.10 Ensure global .NET trust level is configured - Default | CIS IIS 7 L1 v1.8.0 | Windows | ACCESS CONTROL |
| 7.7 (L1) Ensure Virtual Distributed Switch Netflow traffic is sent to an authorized collector | CIS VMware ESXi 7.0 v1.5.0 L1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| AADC-CL-000205 - Adobe Acrobat Pro DC Classic Enhanced Security for standalone mode must be enabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AADC-CL-000210 - Adobe Acrobat Pro DC Classic Enhanced Security for browser mode must be enabled. | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| AOSX-14-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts - ChallengeResponseAuthentication | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-14-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts - enforceSmartCard | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-14-003024 - The macOS system must use multifactor authentication in the establishment of nonlocal maintenance and diagnostic sessions - ChallengeResponseAuthentication | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | MAINTENANCE |
| AOSX-14-003024 - The macOS system must use multifactor authentication in the establishment of nonlocal maintenance and diagnostic sessions - PasswordAuthentication | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | MAINTENANCE |
| AOSX-15-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts, the establishment of nonlocal maintenance and diagnostic sessions, and authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access - ChallengeResponseAuthentication | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| AOSX-15-003020 - The macOS system must use multifactor authentication for local and network access to privileged and non-privileged accounts, the establishment of nonlocal maintenance and diagnostic sessions, and authentication for remote access to privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access - enforceSmartCard | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| ARST-RT-000370 - The Arista perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000370 - The Arista perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000380 - The Arista perimeter router must be configured to filter egress traffic at the internal interface on an inbound direction. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000380 - The Arista perimeter router must be configured to filter egress traffic at the internal interface on an inbound direction. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| EP11-00-002300 - The EDB Postgres Advanced Server must by default shut down upon audit failure, to include the unavailability of space for more audit log records; or must be configurable to shut down upon audit failure. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| ESXI-80-000220 - The ESXi host must restrict the use of Virtual Guest Tagging (VGT) on standard switches. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | CONFIGURATION MANAGEMENT |
| GOOG-12-006100 - Google Android 12 must be configured to not allow passwords that include more than two repeating or sequential characters - Alphanumeric | MobileIron - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-006100 - Google Android 12 must be configured to not allow passwords that include more than two repeating or sequential characters - Alphanumeric | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-006100 - Google Android 12 must be configured to not allow passwords that include more than two repeating or sequential characters - Characters | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-006100 - Google Android 12 must be configured to not allow passwords that include more than two repeating or sequential characters - Characters | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-006100 - Google Android 12 must be configured to not allow passwords that include more than two repeating or sequential characters - Complex Characters | MobileIron - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-006100 - Google Android 12 must be configured to not allow passwords that include more than two repeating or sequential characters - Numbers | AirWatch - DISA Google Android 12 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-12-006100 - Google Android 12 must be configured to not allow passwords that include more than two repeating or sequential characters - Numbers | AirWatch - DISA Google Android 12 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-006100 - Google Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters - Alphanumeric | MobileIron - DISA Google Android 13 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-006100 - Google Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters - Alphanumeric | MobileIron - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-006100 - Google Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters - Characters | AirWatch - DISA Google Android 13 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-006100 - Google Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters - Complex Characters | MobileIron - DISA Google Android 13 COBO v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-13-006100 - Google Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters - Complex Characters | MobileIron - DISA Google Android 13 COPE v2r2 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-14-006100 - Google Android 14 must be configured to not allow passwords that include more than four repeating or sequential characters - Alphanumeric | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006100 - Google Android 14 must be configured to not allow passwords that include more than four repeating or sequential characters - Characters | AirWatch - DISA Google Android 14 COPE v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006100 - Google Android 14 must be configured to not allow passwords that include more than four repeating or sequential characters - Complex Characters | MobileIron - DISA Google Android 14 COPE v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-14-006100 - Google Android 14 must be configured to not allow passwords that include more than four repeating or sequential characters - Numbers | AirWatch - DISA Google Android 14 COBO v2r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-15-006100 - Google Android 15 must be configured to not allow passwords that include more than four repeating or sequential characters - Alphanumeric | MobileIron - DISA Google Android 15 COBO v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-15-006100 - Google Android 15 must be configured to not allow passwords that include more than four repeating or sequential characters - Alphanumeric | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-15-006100 - Google Android 15 must be configured to not allow passwords that include more than four repeating or sequential characters - Complex Characters | MobileIron - DISA Google Android 15 COPE v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| GOOG-15-006100 - Google Android 15 must be configured to not allow passwords that include more than four repeating or sequential characters - Numbers | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | IDENTIFICATION AND AUTHENTICATION |
| HONW-13-006100 - Honeywell Android 13 must be configured to not allow passwords that include more than four repeating or sequential characters - Numbers | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| JUEX-RT-000420 - The Juniper perimeter router must be configured to filter egress traffic at the internal interface on an inbound direction. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000490 - The Juniper router must be configured to only permit management traffic that ingresses and egresses the OOBM interface. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000750 - The Juniper perimeter router must be configured to have Link Layer Discovery Protocols (LLDPs) disabled on all external interfaces. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000330 - The Juniper perimeter router must be configured to filter ingress traffic at the external interface on an inbound direction. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000340 - The Juniper perimeter router must be configured to filter egress traffic at the internal interface on an inbound direction. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUNI-RT-000382 - The Juniper perimeter router must be configured drop IPv6 packets with a Routing Header type 0, 1, or 3255. | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUSX-IP-000017 - The Juniper Networks SRX Series Gateway IDPS must protect against or limit the effects of known and unknown types of Denial of Service (DoS) attacks by employing rate-based attack prevention behavior analysis. | DISA Juniper SRX Services Gateway IDPS v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-010339 - The Oracle Linux operating system must specify the default 'include' directory for the /etc/sudoers file - include directory for the /etc/sudoers file. | DISA Oracle Linux 7 STIG v3r3 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010379 - OL 8 must specify the default "include" directory for the /etc/sudoers file. | DISA Oracle Linux 8 STIG v2r5 | Unix | CONFIGURATION MANAGEMENT |
| OL09-00-002393 - OL 9 must disable virtual system calls. | DISA Oracle Linux 9 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
