| 1.4.1 Ensure bootloader password is set - password efi grub | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.4.1 Ensure bootloader password is set - password efi user | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 1.4.1 Ensure bootloader password is set - superusers grub | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| EP11-00-000800 - The EDB Postgres Advanced Server must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | ACCESS CONTROL |
| EX13-CA-000020 - Exchange must have authenticated access set to Integrated Windows Authentication only. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | ACCESS CONTROL |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - BasicAuthEnabled | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | ACCESS CONTROL |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - ExternalAuthenticationMethods | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | ACCESS CONTROL |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - InternalAuthenticationMethods | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | ACCESS CONTROL |
| EX13-MB-000010 - Exchange Servers must use approved DoD certificates. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | ACCESS CONTROL |
| EX16-ED-000020 - Exchange servers must use approved DoD certificates. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5 | Windows | ACCESS CONTROL |
| JBOS-AS-000025 - Java permissions must be set for hosted applications. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | ACCESS CONTROL |
| JBOS-AS-000030 - The Java Security Manager must be enabled for the JBoss application server. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | ACCESS CONTROL |
| JBOS-AS-000040 - Users in JBoss Management Security Realms must be in the appropriate role. | DISA RedHat JBoss EAP 6.3 STIG v2r4 | Unix | ACCESS CONTROL |
| JUSX-DM-000025 - The Juniper SRX Services Gateway must enforce the assigned privilege level for each administrator and authorizations for access to all commands by assigning a login class to all AAA-authenticated users. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | ACCESS CONTROL |
| O112-C2-002700 - The DBMS must enforce approved authorizations for logical access to the system in accordance with applicable policy. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | ACCESS CONTROL |
| OL6-00-000069 - The system must require authentication upon booting into single-user and maintenance modes. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000070 - The system must not permit interactive boot. | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL07-00-010481 - The Oracle Linux operating system must require authentication upon booting into single-user and maintenance modes. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-010482 - Oracle Linux operating systems version 7.2 or newer with a Basic Input/Output System (BIOS) must require authentication upon booting into single-user and maintenance modes - BIOS must require authentication upon booting into single-user and maintenance modes. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| OL07-00-010491 - Oracle Linux operating systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes - UEFI must require authentication upon booting into single-user and maintenance modes. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| PPS9-00-000800 - The EDB Postgres Advanced Server must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | ACCESS CONTROL |
| RHEL-06-000069 - The system must require authentication upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000070 - The system must not permit interactive boot. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-07-010481 - The Red Hat Enterprise Linux operating system must require authentication upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL |
| SLES-12-010440 - SUSE operating systems with Unified Extensible Firmware Interface (UEFI) implemented must require authentication upon booting into single-user mode and maintenance. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL |
| SQL4-00-002000 - SQL Server must enforce approved authorizations for logical access to information and database-level system resources in accordance with applicable access control policies. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | ACCESS CONTROL |
| SQL6-D0-000300 - SQL Server must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG SQL Server 2016 Database Audit v3r1 | MS_SQLDB | ACCESS CONTROL |
| SQL6-D0-016200 - The SQL Server default account [sa] must be disabled. | DISA STIG SQL Server 2016 Instance DB Audit v3r1 | MS_SQLDB | ACCESS CONTROL |
| TCAT-AS-000070 - Cookies must have secure flag set. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | ACCESS CONTROL |
| TCAT-AS-000080 - Cookies must have http-only flag set. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | ACCESS CONTROL |
| TCAT-AS-000100 - Connectors must be secured. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | ACCESS CONTROL |
| TCAT-AS-000110 - The Java Security Manager must be enabled. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | ACCESS CONTROL |
| WN10-UR-000025 - The Allow log on locally user right must only be assigned to the Administrators and Users groups. | DISA Windows 10 STIG v3r2 | Windows | ACCESS CONTROL |
| WN10-UR-000070 - The Deny access to this computer from the network user right on workstations must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and unauthenticated access on all systems. | DISA Windows 10 STIG v3r2 | Windows | ACCESS CONTROL |
| WN10-UR-000075 - The 'Deny log on as a batch job' user right on domain-joined workstations must be configured to prevent access from highly privileged domain accounts. | DISA Windows 10 STIG v3r2 | Windows | ACCESS CONTROL |
| WN10-UR-000085 - The Deny log on locally user right on workstations must be configured to prevent access from highly privileged domain accounts on domain systems and unauthenticated access on all systems. | DISA Windows 10 STIG v3r2 | Windows | ACCESS CONTROL |
| WN12-UR-000002-MS - The Access this computer from the network user right must only be assigned to the Administrators and Authenticated Users groups on member servers. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-UR-000005 - The Allow log on locally user right must only be assigned to the Administrators group. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-UR-000018-DC - The Deny log on as a batch job user right on domain controllers must be configured to prevent unauthenticated access. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN12-UR-000020-DC - The Deny log on locally user right on domain controllers must be configured to prevent unauthenticated access. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | ACCESS CONTROL |
| WN16-DC-000340 - The Access this computer from the network user right must only be assigned to the Administrators, Authenticated Users, and Enterprise Domain Controllers groups on domain controllers. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN16-DC-000380 - The Deny log on as a batch job user right on domain controllers must be configured to prevent unauthenticated access. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN16-DC-000390 - The Deny log on as a service user right must be configured to include no accounts or groups (blank) on domain controllers. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN16-MS-000340 - The 'Access this computer from the network' user right must only be assigned to the Administrators and Authenticated Users groups on member servers - Access this computer from the network user right must only be assigned to the Administrators and Authenticated Users groups on member servers. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN16-MS-000370 - The 'Deny access to this computer from the network' user right on member servers must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and from unauthenticated access on all systems - Deny access to this computer from the network user right on member servers must be configured to prevent access from highly privileged domain accounts and local accounts on domain systems and from unauthenticated access on all systems. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN16-MS-000380 - The 'Deny log on as a batch job' user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems and from unauthenticated access on all systems - Deny log on as a batch job user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems and from unauthenticated access on all systems. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN16-MS-000390 - The 'Deny log on as a service' user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems. No other groups or accounts must be assigned this right - Deny log on as a service user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems. No other groups or accounts must be assigned this right. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN16-MS-000400 - The 'Deny log on locally' user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems and from unauthenticated access on all systems - Deny log on locally user right on member servers must be configured to prevent access from highly privileged domain accounts on domain systems and from unauthenticated access on all systems. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN16-UR-000050 - The Allow log on locally user right must only be assigned to the Administrators group. | DISA Windows Server 2016 STIG v2r9 | Windows | ACCESS CONTROL |
| WN19-DC-000340 - Windows Server 2019 Access this computer from the network user right must only be assigned to the Administrators, Authenticated Users, and Enterprise Domain Controllers groups on domain controllers. | DISA Windows Server 2019 STIG v3r2 | Windows | ACCESS CONTROL |
