| PHTN-67-000004 - The Photon operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| PHTN-67-000014 - The Photon operating system audit log must attempt to log audit failures to syslog - admin_space_left_action | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000019 - The Photon operating system must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - 64 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000039 - The Photon operating system must configure sshd to disconnect idle SSH sessions. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-67-000041 - The Photon operating system /var/log directory must be owned by root. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-67-000042 - The Photon operating system messages file must be owned by root. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-67-000043 - The Photon operating system messages file must have mode 0640 or less permissive. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-67-000050 - The Photon operating system audit files and directories must have correct permissions - auditd | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000050 - The Photon operating system audit files and directories must have correct permissions - aureport | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000054 - The Photon operating system must set an inactivity timeout value for non-interactive sessions - duration | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| PHTN-67-000054 - The Photon operating system must set an inactivity timeout value for non-interactive sessions - export | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| PHTN-67-000058 - The Photon operating system must configure auditd to keep five rotated log files. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000065 - The Photon operating system must require users to reauthenticate for privilege escalation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-67-000071 - The Photon operating system must generate audit records when the sudo command is used. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000072 - The Photon operating system must generate audit records when successful/unsuccessful logon attempts occur - lastlog | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000079 - The Photon operating system must ensure root $PATH entries are appropriate. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000086 - The Photon operating system must configure sshd to perform strict mode checking of home directory configuration files. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000090 - The Photon operating system must configure sshd to disallow compression of the encrypted session stream. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000091 - The Photon operating system must configure sshd to display the last login immediately after authentication. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000093 - The Photon operating system must configure sshd to ignore user-specific known_host files. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000095 - The Photon operating system must be configured so that the x86 Ctrl-Alt-Delete key sequence is disabled on the command line - masked | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000096 - The Photon operating system must be configured so that the /etc/skel default scripts are protected from unauthorized modification - bash_logout | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000097 - The Photon operating system must be configured so that the /root path is protected from unauthorized access. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000098 - The Photon operating system must be configured so that all global initialization scripts are protected from unauthorized modification. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000103 - The Photon operating system must be configured so that all cron paths are protected from unauthorized modification - cron.d | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000111 - The Photon operating system must not perform multicast packet forwarding - net.ipv4.conf.default.mc_forwarding | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000111 - The Photon operating system must not perform multicast packet forwarding - net.ipv4.conf.eth0.mc_forwarding | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000111 - The Photon operating system must not perform multicast packet forwarding - net.ipv6.conf.eth0.mc_forwarding | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000115 - The Photon operating system must be configured to protect the SSH public host key from unauthorized modification. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000117 - The Photon operating system must enforce password complexity on the root account. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000120 - The Photon operating system must protect all sysctl configuration files from unauthorized access. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000123 - The Photon operating system must configure sshd to disallow HostbasedAuthentication. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| VCFL-67-000002 - vSphere Client must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL |
| VCFL-67-000015 - vSphere Client must not have the Web Distributed Authoring (WebDAV) servlet installed. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCFL-67-000017 - vSphere Client must not have any symbolic links in the web content directory tree. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCFL-67-000030 - vSphere Client must set the secure flag for cookies. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-67-000005 - VAMI must generate log records for system startup and shutdown. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLD-67-000016 - VAMI must only load allowed server modules - mod_accesslog | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000016 - VAMI must only load allowed server modules - mod_magnet | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000028 - VAMI must set the encoding for all text mime types to UTF-8. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-67-000026 - Performance Charts must properly configure log sizes and rotation - MaxBackupIndex | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-67-000006 - The Security Token Service must generate log records during Java startup and shutdown - handlers | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-67-000011 - The Security Token Service must be configured to limit access to internal packages. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCST-67-000014 - The Security Token Service must not have the Web Distributed Authoring (WebDAV) servlet installed. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCST-67-000023 - The Security Token Service must not show directory listings. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-67-000001 - vSphere UI must limit the amount of time that each TCP connection is kept alive. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCUI-67-000012 - vSphere UI must have mappings set for Java servlet pages. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-67-000014 - vSphere UI must be configured with memory leak protection. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-67-000030 - vSphere UI must set the secure flag for cookies. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
