| AMLS-NM-000130 - The Arista Multilayer Switch must automatically audit account modification. | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | ACCESS CONTROL |
| AMLS-NM-000150 - The Arista Multilayer Switch must automatically audit account removal actions. | DISA STIG Arista MLS DCS-7000 Series NDM v1r4 | Arista | ACCESS CONTROL |
| CISC-ND-000090 - The Cisco router must be configured to automatically audit account creation. | DISA STIG Cisco IOS Router NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000090 - The Cisco switch must be configured to automatically audit account creation. | DISA STIG Cisco IOS Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000090 - The Cisco switch must be configured to automatically audit account creation. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | ACCESS CONTROL |
| CISC-ND-000100 - The Cisco router must be configured to automatically audit account modification. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000110 - The Cisco router must be configured to automatically audit account disabling actions. | DISA STIG Cisco IOS Router NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000110 - The Cisco switch must be configured to automatically audit account disabling actions. | DISA STIG Cisco NX-OS Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000120 - The Cisco router must be configured to automatically audit account removal actions. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000120 - The Cisco switch must be configured to automatically audit account removal actions. | DISA STIG Cisco NX-OS Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000880 - The Cisco router must be configured to automatically audit account enabling actions. | DISA STIG Cisco IOS Router NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000880 - The Cisco switch must be configured to automatically audit account enabling actions. | DISA STIG Cisco IOS Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000880 - The Cisco switch must be configured to automatically audit account enabling actions. | DISA STIG Cisco IOS XE Switch NDM v3r2 | Cisco | ACCESS CONTROL |
| EX16-MB-000010 - Exchange must have Administrator audit logging enabled. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | ACCESS CONTROL |
| F5BI-DM-000021 - The BIG-IP appliance must automatically audit account modification. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | ACCESS CONTROL |
| F5BI-DM-000023 - The BIG-IP appliance must automatically audit account-disabling actions. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | ACCESS CONTROL |
| F5BI-DM-000157 - The BIG-IP appliance must be configured to generate alerts that can be forwarded to the administrators and Information System Security Officer (ISSO) when accounts are modified. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| F5BI-DM-000159 - The BIG-IP appliance must be configured to generate alerts that can be forwarded to the administrators and Information System Security Officer (ISSO) when accounts are disabled. | DISA F5 BIG-IP Device Management STIG v2r3 | F5 | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-ND-000090 - The Juniper router must be configured to automatically audit account creation. | DISA STIG Juniper Router NDM v3r1 | Juniper | ACCESS CONTROL |
| JUNI-ND-000110 - The Juniper router must be configured to automatically audit account disabling actions. | DISA STIG Juniper Router NDM v3r1 | Juniper | ACCESS CONTROL |
| JUSX-DM-000017 - For local accounts created on the device, the Juniper SRX Services Gateway must automatically generate log records for account disabling events. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | ACCESS CONTROL |
| JUSX-DM-000018 - For local accounts created on the device, the Juniper SRX Services Gateway must automatically generate log records for account removal events. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | ACCESS CONTROL |
| JUSX-DM-000023 - The Juniper SRX Services Gateway must automatically generate a log event when accounts are enabled. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | ACCESS CONTROL |
| OL6-00-000174 - The operating system must automatically audit account creation - '/etc/shadow' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000175 - The operating system must automatically audit account modification - '/etc/passwd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000176 - The operating system must automatically audit account disabling actions - '/etc/group' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000176 - The operating system must automatically audit account disabling actions - '/etc/passwd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000176 - The operating system must automatically audit account disabling actions - '/etc/shadow' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/gshadow' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL6-00-000177 - The operating system must automatically audit account termination - '/etc/passwd' | DISA STIG Oracle Linux 6 v2r7 | Unix | ACCESS CONTROL |
| OL07-00-030872 - The Oracle Linux operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| PHTN-40-000107 The Photon operating system must audit the execution of privileged functions. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| PHTN-40-000204 The Photon operating system must audit all account modifications. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| RHEL-06-000174 - The operating system must automatically audit account creation - /etc/passwd | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000174 - The operating system must automatically audit account creation - /etc/security/opasswd | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000175 - The operating system must automatically audit account modification - /etc/passwd | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000176 - The operating system must automatically audit account disabling actions - /etc/group. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000176 - The operating system must automatically audit account disabling actions - /etc/gshadow. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000176 - The operating system must automatically audit account disabling actions - /etc/passwd. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000177 - The operating system must automatically audit account termination - /etc/group. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| RHEL-06-000177 - The operating system must automatically audit account termination - /etc/passwd. | DISA Red Hat Enterprise Linux 6 STIG v2r2 | Unix | ACCESS CONTROL |
| SLES-15-030040 - The SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| VCSA-70-000123 - The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL |
| WBLC-01-000018 - Oracle WebLogic must automatically audit account creation - Auditing Provider | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | ACCESS CONTROL |
| WBLC-01-000018 - Oracle WebLogic must automatically audit account creation - Auditing Provider | Oracle WebLogic Server 12c Windows v2r1 | Windows | ACCESS CONTROL |
| WBLC-01-000018 - Oracle WebLogic must automatically audit account creation - Configuration Audit Type | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | ACCESS CONTROL |
| WBLC-01-000019 - Oracle WebLogic must automatically audit account modification - Auditing Provider | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | ACCESS CONTROL |
| WBLC-01-000019 - Oracle WebLogic must automatically audit account modification - Configuration Audit Type | Oracle WebLogic Server 12c Linux v2r1 | Unix | ACCESS CONTROL |
| WBLC-01-000019 - Oracle WebLogic must automatically audit account modification - Configuration Audit Type | Oracle WebLogic Server 12c Windows v2r1 | Windows | ACCESS CONTROL |
| WBLC-01-000019 - Oracle WebLogic must automatically audit account modification - Configuration Audit Type | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | ACCESS CONTROL |
