| 2.3.4.1 (L1) Ensure 'Devices: Allowed to format and eject removable media' is set to 'Administrators and Interactive Users' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 2.3.4.1 Ensure 'Devices: Allowed to format and eject removable media' is set to 'Administrators and Interactive Users' | CIS Microsoft Windows 8.1 v2.4.1 L1 | Windows | MEDIA PROTECTION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY |
| 3.130 - User Account Control - Behavior of elevation prompt for administrators | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.132 - User Account Control - Detect Application Installations | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.134 - User Account Control - Elevate UIAccess applications that are in secure locations | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.135 - User Account Control - Switch to secure desktop | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.136 - User Account Control - Non UAC Compliant Application Virtualization | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.141 - User Account Control - Executable Elevation | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 5.132 - Require username and password to elevate a running application. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| CD12-00-004000 - PostgreSQL must isolate security functions from non-security functions. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-001620 - Kubernetes Kubelet must enable kernel protection. | DISA STIG Kubernetes v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI485 - Protected Mode must be enforced (Internet zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI490 - Protected Mode must be enforced (Restricted Sites zone). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI490-IE11 - Protected Mode must be enforced (Restricted Sites zone). | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI610 - Internet Explorer Processes for Zone Elevation must be enforced (Reserved). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI610-IE11 - Internet Explorer Processes for Zone Elevation must be enforced (Reserved). | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTBI614 - Internet Explorer Processes for Zone Elevation must be enforced (IExplore). | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EPAS-00-005800 - The EDB Postgres Advanced Server must isolate security functions from nonsecurity functions. | EnterpriseDB PostgreSQL Advanced Server DB v2r1 | PostgreSQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-006500 - The MySQL Database Server 8.0 must isolate security functions from non-security functions. | DISA Oracle MySQL 8.0 v2r1 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010170 - OL 8 must use a Linux Security Module configured to enforce limits on system services. | DISA Oracle Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010171 - OL 8 must have the 'policycoreutils' package installed. | DISA Oracle Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010421 - OL 8 must clear the page allocator to prevent use-after-free attacks. | DISA Oracle Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010422 - OL 8 must disable virtual syscalls. | DISA Oracle Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010423 - OL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks. | DISA Oracle Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010170 - RHEL 8 must use a Linux Security Module configured to enforce limits on system services. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010171 - RHEL 8 must have policycoreutils package installed. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010421 - RHEL 8 must clear the page allocator to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010422 - RHEL 8 must disable virtual syscalls. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010423 - RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL2-00-021500 - SQL Server must isolate security functions from nonsecurity functions by means of separate security domains. | DISA STIG SQL Server 2012 DB Instance Security v1r20 | MS_SQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010012 - The Ubuntu operating system must ensure only users who need access to security functions are part of sudo group. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-432015 - Ubuntu 22.04 LTS must ensure only users who need access to security functions are part of sudo group. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPG-67-000017 - VMware Postgres must not allow schema access to unauthorized accounts. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPG-70-000015 - VMware Postgres must not allow schema access to unauthorized accounts. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCTR-67-000051 - The vCenter Server users must have the correct roles assigned. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCWN-06-100005 - The vCenter Server users must have the correct roles assigned. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| WINRG-000003 - Local administrator accounts must have their privileged token filtered to prevent elevated privileges. | DISA Windows Vista STIG v6r41 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000037 - Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-CC-000200 - Administrator accounts must not be enumerated during elevation. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000250 - User Account Control must prompt administrators for consent on the secure desktop. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000260 - User Account Control must be configured to detect application installations and prompt for elevation. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000265 - User Account Control must only elevate UIAccess applications that are installed in secure locations. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000275 - User Account Control must virtualize file and registry write failures to per-user locations. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-CC-000240 - Windows Server 2022 administrator accounts must not be enumerated during elevation. | DISA Windows Server 2022 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-MS-000020 - Windows Server 2022 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers. | DISA Windows Server 2022 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000390 - Windows Server 2022 UIAccess applications must not be allowed to prompt for elevation without using the secure desktop. | DISA Windows Server 2022 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000400 - Windows Server 2022 User Account Control (UAC) must, at a minimum, prompt administrators for consent on the secure desktop. | DISA Windows Server 2022 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000420 - Windows Server 2022 User Account Control (UAC) must be configured to detect application installations and prompt for elevation. | DISA Windows Server 2022 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000430 - Windows Server 2022 User Account Control (UAC) must only elevate UIAccess applications that are installed in secure locations. | DISA Windows Server 2022 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000450 - Windows Server 2022 User Account Control (UAC) must virtualize file and registry write failures to per-user locations. | DISA Windows Server 2022 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
