| AIOS-15-003400 - Apple iOS/iPadOS 15 must not allow backup to remote systems (My Photo Stream). | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-003700 - Apple iOS/iPadOS 15 must not allow backup to remote systems (enterprise books). | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-15-006700 - Apple iOS/iPadOS 15 must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | ACCESS CONTROL |
| AIOS-15-010700 - Apple iOS/iPadOS 15 must implement the management setting: Encrypt iTunes backups/Encrypt local backup. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012000 - A managed photo app must be used to take and store work-related photos. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012600 - Apple iOS/iPadOS 15 must implement the management setting: disable paired Apple Watch. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013500 - Apple iOS must implement the management setting: not allow a user to remove Apple iOS configuration profiles that enforce DoD security requirements. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-014400 - Apple iOS/iPadOS 15 must disable connections to Siri servers for the purpose of dictation. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-006600 - Apple iOS/iPadOS 16 must be configured to not allow passwords that include more than four repeating or sequential characters. | AirWatch - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-007200 - Apple iOS/iPadOS 16 must not include applications with the following characteristics: access to Siri when the device is locked. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-010200 - Apple iOS/iPadOS 16 must be configured to disable ad hoc wireless client-to-client connection capability. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-16-011100 - Apple iOS/iPadOS 16 must implement the management setting: Disable Allow Shared Albums. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-706800 - Apple iOS/iPadOS 16 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-16-706900 - Apple iOS/iPadOS 16 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-011300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-011700 - Apple iOS/iPadOS 17 must implement the management setting: not share location data through iCloud. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-706700 - Apple iOS/iPadOS 17 must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-706700 - Apple iOS/iPadOS 17 must be configured to enable a screen-lock policy that will lock the display after a period of inactivity. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-706800 - Apple iOS/iPadOS 17 must be configured to lock the display after 15 minutes (or less) of inactivity - or less of inactivity. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-706900 - Apple iOS/iPadOS 17 must be configured to not allow more than 10 consecutive failed authentication attempts. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-707000 - Apple iOS/iPadOS 17 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-711300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-711300 - Apple iOS/iPadOS 17 must implement the management setting: use SSL for Exchange ActiveSync. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-17-714700 - Apple iOS/iPadOS 17 must have DOD root and intermediate PKI certificates installed. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| APPL-11-000001 - The macOS system must be configured to prevent Apple Watch from terminating a session lock. | DISA STIG Apple macOS 11 v1r8 | Unix | ACCESS CONTROL |
| APPL-11-000022 - The macOS system must enforce the limit of three consecutive invalid logon attempts by a user before the user account is locked - maxFailedAttempts | DISA STIG Apple macOS 11 v1r5 | Unix | ACCESS CONTROL |
| APPL-11-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0. | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 0. | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-11-001014 - The macOS system must be configured with audit log files group-owned by wheel. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001015 - The macOS system must be configured with audit log folders group-owned by wheel. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-001016 - The macOS system must be configured with audit log files set to mode 440 or less permissive. | DISA STIG Apple macOS 11 v1r8 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-11-002001 - The macOS system must be configured to disable SMB File Sharing unless it is required. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002003 - The macOS system must be configured to disable the Network File System (NFS) daemon unless it is required. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002008 - The macOS system must be configured to disable Web Sharing. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002036 - The macOS system must be configured to disable the Privacy Setup services. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002050 - The macOS system must disable the Screen Sharing feature. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002050 - The macOS system must disable the Screen Sharing feature. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User directory groups | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User directory permissions | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User subdirectory Access Control Lists | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User subdirectory permissions | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User subdirectory Public Access Control Lists | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002068 - The macOS system must set permissions on user home directories to prevent users from having access to read or modify another user's files - User subdirectory Public permissions | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002069 - The macOS system must authenticate peripherals before establishing a connection. | DISA STIG Apple macOS 11 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-11-003012 - The macOS system must be configured to prevent displaying password hints. | DISA STIG Apple macOS 11 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-003051 - The macOS system must be configured so that the su command requires smart card authentication. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-004001 - The macOS system must be configured with system log files owned by root and group-owned by wheel or admin - asl | DISA STIG Apple macOS 11 v1r8 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-11-004002 - The macOS system must be configured with system log files set to mode 640 or less permissive - newsyslog | DISA STIG Apple macOS 11 v1r5 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OL07-00-010339 - The Oracle Linux operating system must specify the default 'include' directory for the /etc/sudoers file. | DISA Oracle Linux 7 STIG v2r14 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010090 - The Red Hat Enterprise Linux operating system must have the screen package installed. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
