| ARST-ND-000820 - The network device must be configured to conduct backups of system level information contained in the information system when changes occur. | DISA STIG Arista MLS EOS 4.x NDM v2r2 | Arista | CONTINGENCY PLANNING |
| ARST-RT-000030 - The Arista BGP router must be configured to reject inbound route advertisements for any prefixes belonging to the local autonomous system (AS). | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000110 - The Arista perimeter router must be configured to enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000120 - The Arista multicast router must be configured to disable Protocol Independent Multicast (PIM) on all interfaces that are not required to support multicast routing. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000130 - The Arista multicast router must be configured to bind a Protocol Independent Multicast (PIM) neighbor filter to interfaces that have PIM enabled. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000530 - The Arista router must be configured to have Internet Control Message Protocol (ICMP) unreachable notifications disabled on all external interfaces. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000540 - The Arista router must be configured to have Internet Control Message Protocol (ICMP) mask replies disabled on all external interfaces. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000650 - The Arista perimeter router must be configured to block all outbound management traffic. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-RT-000391 - The Cisco perimeter switch must be configured to suppress Router Advertisements on all external IPv6-enabled interfaces. | DISA Cisco IOS Switch RTR STIG v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| HONW-13-006300 - Honeywell Android 13 must be configured to lock the display after 15 minutes (or less) of inactivity. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | ACCESS CONTROL |
| HONW-13-006500 - Honeywell Android 13 must be configured to enforce an application installation policy by specifying one or more authorized application repositories, including [selection: DOD-approved commercial app repository, MDM server, mobile application store]. | MobileIron - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-007400 - Honeywell Android 13 must be configured to disable developer modes. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-007800 - Honeywell Android 13 must be configured to generate audit records for the following auditable events: Detected integrity violations. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | AUDIT AND ACCOUNTABILITY |
| HONW-13-008500 - Honeywell Android 13 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | AirWatch - DISA Honeywell Android 13 COBO v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-13-008500 - Honeywell Android 13 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-13-008500 - Honeywell Android 13 must be configured to not allow backup of [all applications, configuration data] to locally connected systems. | MobileIron - DISA Honeywell Android 13 COPE v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-13-008600 - Honeywell Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-13-009000 - Honeywell Android 13 must be configured to disable multiuser modes. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | ACCESS CONTROL |
| HONW-13-009500 - Honeywell Android 13 must be configured to disable ad hoc wireless client-to-client connection capability. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-13-009500 - Honeywell Android 13 must be configured to disable ad hoc wireless client-to-client connection capability. | MobileIron - DISA Honeywell Android 13 COPE v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| HONW-13-009900 - Honeywell Android 13 must be configured to enforce that Wi-Fi Sharing is disabled. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-009900 - Honeywell Android 13 must be configured to enforce that Wi-Fi Sharing is disabled. | MobileIron - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010100 - The Honeywell Android 13 work profile must be configured to prevent users from adding personal email accounts to the work email app. | AirWatch - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010200 - The Honeywell Android 13 work profile must be configured to enforce the system application disable list. | AirWatch - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010200 - The Honeywell Android 13 work profile must be configured to enforce the system application disable list. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | CONFIGURATION MANAGEMENT |
| HONW-13-010600 - Honeywell Android 13 must be configured to disallow configuration of date and time. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| UBTU-20-010002 - The Ubuntu operating system must enable the graphical user logon banner to display the Standard Mandatory DoD Notice and Consent Banner before granting local access to the system via a graphical user logon. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | ACCESS CONTROL |
| UBTU-20-010074 - The Ubuntu operating system must be configured so that the script which runs each 30 days or less to check file integrity is the default one. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-20-010134 - The Ubuntu operating system must permit only authorized accounts to own the audit configuration files. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010140 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the ssh-agent command. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010142 - The Ubuntu operating system must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010166 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the apparmor_parser command. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010170 - The Ubuntu operating system must generate audit records for the use and modification of faillog file. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010171 - The Ubuntu operating system must generate audit records for the use and modification of the lastlog file. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010178 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the pam_timestamp_check command. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010181 - The Ubuntu operating system must generate audit records for successful/unsuccessful uses of the delete_module syscall. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010267 - The Ubuntu operating system must generate audit records for any successful/unsuccessful use of unlink, unlinkat, rename, renameat, and rmdir system calls. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010278 - The Ubuntu operating system must generate audit records for the /var/run/utmp file. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010413 - The Ubuntu operating system must disable kernel core dumps so that it can fail to a secure state if system initialization fails, shutdown fails or aborts fail. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010418 - The Ubuntu operating system must configure the /var/log directory to be owned by root. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-20-010421 - The Ubuntu operating system must configure /var/log/syslog file to be owned by syslog. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-20-010451 - The Ubuntu operating system must notify designated personnel if baseline configurations are changed in an unauthorized manner. The file integrity tool must notify the System Administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-22-654165 - Ubuntu 22.04 LTS must generate audit records for successful/unsuccessful uses of the creat, open, openat, open_by_handle_at, truncate, and ftruncate system calls. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654180 - Ubuntu 22.04 LTS must generate audit records for any use of the setxattr, fsetxattr, lsetxattr, removexattr, fremovexattr, and lremovexattr system calls. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654215 - Ubuntu 22.04 LTS must generate audit records for the use and modification of the lastlog file. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-22-654220 - Ubuntu 22.04 LTS must generate audit records when successful/unsuccessful attempts to modify the /etc/sudoers file occur. | DISA Canonical Ubuntu 22.04 LTS STIG v2r5 | Unix | AUDIT AND ACCOUNTABILITY |
| WN10-CC-000391 - Internet Explorer must be disabled for Windows 10. | DISA Microsoft Windows 10 STIG v3r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000075 - Only accounts responsible for the backup operations must be members of the Backup Operators group. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000115 - The Telnet Client must not be installed on the system. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000120 - The TFTP Client must not be installed on the system. | DISA Microsoft Windows 11 STIG v2r4 | Windows | CONFIGURATION MANAGEMENT |
