| 1.6.2 Configure a Time Zone | CIS Cisco NX-OS v1.2.0 L1 | Cisco | AUDIT AND ACCOUNTABILITY |
| 2.2.39 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (STIG MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.43 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (STIG MS only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.2.44 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (STIG MS only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG MS | Windows | ACCESS CONTROL |
| 2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.3.14.2 Ensure 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing' is set to 'Enabled' (STIG only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.5.1.7 Ensure password expiration is 60 Day maximum for new users | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 5.5.1.8 Ensure password expiration is 60 Day maximum for existing passwords | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | IDENTIFICATION AND AUTHENTICATION |
| 7.7 Ensure Virtual Disributed Switch Netflow traffic is sent to an authorized collector | CIS VMware ESXi 6.7 v1.3.0 Level 1 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| 20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.4 Ensure 'Active Directory Domain Controllers Organizational Unit (OU) object is configured with proper audit settings' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | AUDIT AND ACCOUNTABILITY |
| 20.41 Ensure 'Only administrators responsible for the Domain Controller to have Administrator rights on the system' (STIG DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.41 Ensure 'Only administrators responsible for the Domain Controller to have Administrator rights on the system' (STIG DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| 20.41 Ensure 'Only administrators responsible for the Domain Controller to have Administrator rights on the system' (STIG DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 STIG DC | Windows | ACCESS CONTROL |
| AMLS-NM-000220 - The Arista Multilayer Switch must use multifactor authentication for local access to privileged accounts. | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | IDENTIFICATION AND AUTHENTICATION |
| APPL-15-001002 - The macOS system must be configured to audit all login and logout events. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, MAINTENANCE |
| GOOG-11-000200 - Google Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Characters | AirWatch - DISA Google Android 11 COPE v2r1 | MDM | CONFIGURATION MANAGEMENT |
| GOOG-11-000200 - Google Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Numbers | AirWatch - DISA Google Android 11 COBO v2r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-000200 - The Honeywell Mobility Edge Android Pie device must be configured to not allow passwords that include more than two repeating or sequential characters - Minimum complex characters | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-000200 - The Honeywell Mobility Edge Android Pie device must be configured to not allow passwords that include more than two repeating or sequential characters - Type | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| JUNI-RT-000270 - The Juniper perimeter router must be configured to block inbound packets with source Bogon IP address prefixes - filter | DISA STIG Juniper Router RTR v3r2 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| MSFT-11-000200 - Microsoft Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Characters | AirWatch - DISA Microsoft Android 11 COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MSFT-11-000200 - Microsoft Android 11 must be configured to not allow passwords that include more than two repeating or sequential characters - Minimum complex characters | MobileIron - DISA Microsoft Android 11 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| OL08-00-010422 - OL 8 must disable virtual syscalls. | DISA Oracle Linux 8 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-431025 - RHEL 9 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r4 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000027 - Rsyslog must be configured to monitor and ship vSphere Client log files - runtime | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| VCSA-80-000302 - The vCenter Server must reset port configuration when virtual machines are disconnected. | DISA VMware vSphere 8.0 vCenter STIG v2r2 | VMware | CONFIGURATION MANAGEMENT |
| VCST-67-000027 - Rsyslog must be configured to monitor and ship Security Token Service log files - vmidentity | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| WBLC-05-000150 - Oracle WebLogic must uniquely identify and authenticate users (or processes acting on behalf of users). | Oracle WebLogic Server 12c Linux v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000150 - Oracle WebLogic must uniquely identify and authenticate users (or processes acting on behalf of users). | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission. | Oracle WebLogic Server 12c Windows v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000174 - Oracle WebLogic must map the PKI-based authentication identity to the user account. | Oracle WebLogic Server 12c Windows v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000174 - Oracle WebLogic must map the PKI-based authentication identity to the user account. | Oracle WebLogic Server 12c Linux v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000174 - Oracle WebLogic must map the PKI-based authentication identity to the user account. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN10-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN10-CC-000035 - The system must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Microsoft Windows 10 STIG v3r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-00-000170 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client. | DISA Microsoft Windows 11 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT |
| WN11-UR-000085 - The 'Deny log on locally' user right on workstations must be configured to prevent access from highly privileged domain accounts on domain systems and unauthenticated access on all systems. | DISA Microsoft Windows 11 STIG v2r3 | Windows | ACCESS CONTROL |
| WN16-00-000412 - The Server Message Block (SMB) v1 protocol must be disabled on the SMB client. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
| WN16-CC-000040 - Internet Protocol version 6 (IPv6) source routing must be configured to the highest protection level to prevent IP source routing. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000400 - Windows Server 2019 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-CC-000030 - Windows Server 2019 Internet Protocol version 6 (IPv6) source routing must be configured to the highest protection level to prevent IP source routing. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN19-CC-000040 - Windows Server 2019 source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing. | DISA Microsoft Windows Server 2019 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000400 - Windows Server 2022 must have the Server Message Block (SMB) v1 protocol disabled on the SMB client. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000030 - Windows Server 2022 Internet Protocol version 6 (IPv6) source routing must be configured to the highest protection level to prevent IP source routing. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000040 - Windows Server 2022 source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN22-CC-000060 - Windows Server 2022 must be configured to ignore NetBIOS name release requests except from WINS servers. | DISA Microsoft Windows Server 2022 STIG v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ZEBR-10-000200 - Zebra Android 10 must be configured to not allow passwords that include more than two repeating or sequential characters - Numbers | AirWatch - DISA Zebra Android 10 COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| ZEBR-11-000200 - Zebra Android 11 must be configured to not allow passwords that include more than four repeating or sequential characters. | AirWatch - DISA Zebra Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
