| AIX7-00-003088 - If Stream Control Transmission Protocol (SCTP) must be disabled on AIX. | DISA STIG AIX 7.x v2r9 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-13-000975 - The macOS system must be configured to disable Remote Apple Events. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-14-002022 - The macOS system must be configured to disable Remote Apple Events. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | CONFIGURATION MANAGEMENT |
| AOSX-15-002022 - The macOS system must be configured to disable Remote Apple Events. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | CONFIGURATION MANAGEMENT |
| AS24-U2-000360 - The Apache web server must be configured to use a specified IP address and port. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | CONFIGURATION MANAGEMENT |
| AS24-W1-000360 - The Apache web server must be configured to use a specified IP address and port - IP or Port Only | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | CONFIGURATION MANAGEMENT |
| AS24-W1-000360 - The Apache web server must be configured to use a specified IP address and port - Zero IPs Only | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | CONFIGURATION MANAGEMENT |
| AS24-W1-000360 - The Apache web server must be configured to use a specified IP address and port - Zero IPs Only | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | CONFIGURATION MANAGEMENT |
| AS24-W2-000360 - The Apache web server must be configured to use a specified IP address and port - IP or Port Only | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | CONFIGURATION MANAGEMENT |
| CISC-ND-000470 - The Cisco router must be configured to be configured to prohibit the use of all unnecessary and nonsecure functions and services. | DISA STIG Cisco IOS-XR Router NDM v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-ND-000470 - The Cisco router must be configured to prohibit the use of all unnecessary and nonsecure functions and services. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| DB2X-00-003800 - DB2 must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-002150 - Docker Enterprise privileged ports must not be mapped within containers. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| DKER-EE-006270 - Docker Enterprise Swarm services must be bound to a specific host interface. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| EP11-00-004100 - The EDB Postgres Advanced Server must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| IIST-SI-000219 - Each IIS 10.0 website must be assigned a default host header. | DISA IIS 10.0 Site v2r9 | Windows | CONFIGURATION MANAGEMENT |
| JBOS-AS-000255 - JBoss application and management ports must be approved by the PPSM CAL. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | CONFIGURATION MANAGEMENT |
| JUNI-ND-000470 - The Juniper router must be configured to be configured to prohibit the use of all unnecessary and nonsecure functions and services. | DISA STIG Juniper Router NDM v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000108 - The Juniper SRX Services Gateway must be configured to prohibit the use of unnecessary and/or nonsecure functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000111 - If SNMP is enabled, the Juniper SRX Services Gateway must use and securely configure SNMPv3. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000112 - The Juniper SRX Services Gateway must ensure SSH is disabled for root user logon to prevent remote access using the root account. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000113 - The Juniper SRX Services Gateway must ensure access to start a UNIX-level shell is restricted to only the root account. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000115 - The Juniper SRX Services Gateway must be configured with only one local user account to be used as the account of last resort. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-DM-000167 - For nonlocal maintenance sessions, the Juniper SRX Services Gateway must explicitly deny the use of J-Web. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| JUSX-VN-000017 - The Juniper SRX Services Gateway VPN must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | CONFIGURATION MANAGEMENT |
| O121-C2-001700 - The DBMS must support the disabling of network protocols deemed by the organization to be nonsecure. | DISA STIG Oracle 12c v3r1 Windows | Windows | CONFIGURATION MANAGEMENT |
| OL6-00-000125 - The Stream Control Transmission Protocol (SCTP) must be disabled unless required. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000221 - The ypbind service must not be running - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000249 - Mail relaying must be restricted. | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000261 - The Automatic Bug Reporting Tool (abrtd) service must not be running - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000262 - The atd service must be disabled - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000267 - The qpidd service must not be running - PROCESS_CHECK | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| OL6-00-000268 - The rdisc service must not be running - CHKCONFIG | DISA STIG Oracle Linux 6 v2r7 | Unix | CONFIGURATION MANAGEMENT |
| PANW-NM-000046 - The Palo Alto Networks security platform must be configured to prohibit the use of all unnecessary and/or nonsecure functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG Palo Alto NDM v3r1 | Palo_Alto | CONFIGURATION MANAGEMENT |
| PPS9-00-004100 - The EDB Postgres Advanced Server must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| RHEL-06-000125 - The Stream Control Transmission Protocol (SCTP) must be disabled unless required. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000261 - The Automatic Bug Reporting Tool (abrtd) service must not be running - 'PROCESS_CHECK'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000266 - The oddjobd service must not be running - 'PROCESS_CHECK'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-06-000289 - The netconsole service must be disabled unless required - 'CHKCONFIG'. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| SLES-15-010220 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments. | DISA SLES 15 STIG v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SQL6-D0-007600 - SQL Server must be configured to prohibit or restrict the use of organization-defined protocols as defined in the PPSM CAL and vulnerability assessments. | DISA STIG SQL Server 2016 Instance OS Audit v3r1 | Windows | CONFIGURATION MANAGEMENT |
| TCAT-AS-000590 - Applications in privileged mode must be approved by the ISSO. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010504 - The Ubuntu operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | CONFIGURATION MANAGEMENT |
| WBLC-01-000014 - Oracle WebLogic must support the capability to disable network protocols deemed by the organization to be non-secure except for explicitly identified components in support of specific operational requirements. | Oracle WebLogic Server 12c Linux v2r1 | Unix | CONFIGURATION MANAGEMENT |
| WBLC-01-000014 - Oracle WebLogic must support the capability to disable network protocols deemed by the organization to be non-secure except for explicitly identified components in support of specific operational requirements. | Oracle WebLogic Server 12c Windows v2r1 | Windows | CONFIGURATION MANAGEMENT |
| WBLC-03-000128 - Oracle WebLogic must prohibit or restrict the use of unauthorized functions, ports, protocols, and/or services. | Oracle WebLogic Server 12c Linux v2r1 | Unix | CONFIGURATION MANAGEMENT |
| WBLC-03-000128 - Oracle WebLogic must prohibit or restrict the use of unauthorized functions, ports, protocols, and/or services. | Oracle WebLogic Server 12c Windows v2r1 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SV-000101 - The Microsoft FTP service must not be installed unless required. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-SV-000101 - The Microsoft FTP service must not be installed unless required. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000360 - Windows Server 2019 must not have the Telnet Client installed. | DISA Windows Server 2019 STIG v3r1 | Windows | CONFIGURATION MANAGEMENT |
