| APPL-13-000004 - The macOS system must initiate a session lock after a 15-minute period of inactivity. | DISA STIG Apple macOS 13 v1r5 | Unix | ACCESS CONTROL |
| APPL-13-000052 - The macOS system must be configured with the SSH daemon ClientAliveCountMax option set to 1. | DISA STIG Apple macOS 13 v1r5 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| APPL-13-001012 - The macOS system must be configured with audit log files owned by root. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-001015 - The macOS system must be configured with audit log folders group-owned by wheel. | DISA STIG Apple macOS 13 v1r5 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-13-004022 - The macOS system must require users to reauthenticate for privilege escalation when using the "sudo" command. | DISA STIG Apple macOS 13 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-13-005052 - The macOS system logon window must be configured to prompt for username and password. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| EX19-MB-000115 - Exchange mailboxes must be retained until backups are complete. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000116 - Exchange email forwarding must be restricted. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000229 - The Exchange email application must not share a partition with another application. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000230 - Exchange must not send delivery reports to remote domains. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-MB-000232 - The Exchange SMTP automated banner response must not reveal server details. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL07-00-010063 - The Oracle Linux operating system must disable the login screen user list for graphical user interfaces. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-010339 - The Oracle Linux operating system must specify the default 'include' directory for the /etc/sudoers file - include directory for the /etc/sudoers file. | DISA Oracle Linux 7 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-010483 - Oracle Linux operating systems version 7.2 or newer booted with a BIOS must have a unique name for the grub superusers account when booting into single-user and maintenance modes. | DISA Oracle Linux 7 STIG v3r2 | Unix | ACCESS CONTROL |
| OL07-00-020029 - The Oracle Linux operating system must use a file integrity tool to verify correct operation of all security functions. | DISA Oracle Linux 7 STIG v3r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| SHPT-00-000430 - SharePoint must protect audit information from unauthorized access to the usage and health logs. | DISA STIG SharePoint 2010 v1r9 | Windows | AUDIT AND ACCOUNTABILITY |
| UBTU-24-100120 - Ubuntu 24.04 LTS must be configured so that the script which runs each 30 days or less to check file integrity is the default one. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-300016 - Ubuntu 24.04 LTS must be configured so that when passwords are changed or new passwords are established, pwquality must be used. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-300021 - Ubuntu 24.04 LTS must require users to reauthenticate for privilege escalation or when changing roles. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-500050 - Ubuntu 24.04 LTS must use strong authenticators in establishing nonlocal maintenance and diagnostic sessions. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | MAINTENANCE |
| UBTU-24-700020 - Ubuntu 24.04 LTS must generate system journal entries without revealing information that could be exploited by adversaries. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-700140 - Ubuntu 24.04 LTS must configure /var/log/syslog file to be owned by syslog. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-24-900080 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chfn command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900140 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chown, fchown, fchownat, and lchown system calls. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900160 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900240 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chacl command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900250 - Ubuntu 24.04 LTS must generate audit records for the use and modification of faillog file. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900260 - Ubuntu 24.04 LTS must generate audit records for the use and modification of the lastlog file. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900300 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the chage command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-900310 - Ubuntu 24.04 LTS must generate audit records for successful/unsuccessful uses of the usermod command. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-901270 - Ubuntu 24.04 LTS must have directories that contain system commands owned by root. | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCPG-67-000018 - Data from the vPostgres database must be protected from unauthorized transfer. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-00-000010 - Windows Server 2022 users with Administrative privileges must have separate accounts for administrative duties and normal operational tasks. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000090 - Windows Server 2022 domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000100 - Windows Server 2022 must be maintained at a supported servicing level. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000230 - Windows Server 2022 nonsystem-created file shares must limit access to groups that require it. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-00-000360 - Windows Server 2022 must not have the Telnet Client installed. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000380 - Windows Server 2022 must not the Server Message Block (SMB) v1 protocol installed. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000390 - Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB server. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-AC-000020 - Windows Server 2022 must have the number of allowed bad logon attempts configured to three or less. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | ACCESS CONTROL |
| WN22-AU-000130 - Windows Server 2022 must be configured to audit Detailed Tracking - Plug and Play Events successes. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000230 - Windows Server 2022 must be configured to audit Object Access - Other Object Access Events failures. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-AU-000250 - Windows Server 2022 must be configured to audit Object Access - Removable Storage failures. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | AUDIT AND ACCOUNTABILITY |
| WN22-CC-000150 - Windows Server 2022 downloading print driver packages over HTTP must be turned off. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000160 - Windows Server 2022 printing over HTTP must be turned off. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000440 - Windows Server 2022 users must be notified if a web-based program attempts to install software. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000450 - Windows Server 2022 must disable automatically signing in the last interactive user after a system-initiated restart. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-DC-000330 - Windows Server 2022 domain controllers must be configured to allow reset of machine account passwords. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-MS-000020 - Windows Server 2022 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-MS-000050 - Windows Server 2022 must limit the caching of logon credentials to four or less on domain-joined member servers. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
