| ADBP-XI-001315 - Adobe Acrobat Pro XI SharePoint and Office365 Access must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-02-080007 - Apple iOS must disable automatic transfer of diagnostic data to an external device other than an enrolled MDM service. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011600 - Apple iOS/iPadOS 15 must implement the management setting: not have any Family Members in Family Sharing. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011600 - Apple iOS/iPadOS 15 must implement the management setting: not have any Family Members in Family Sharing. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012400 - Apple iOS/iPadOS 15 must not allow unmanaged apps to read contacts from managed contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013100 - Apple iOS/iPadOS 15 must disable Find My Friends in the Find My app. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-010900 - Apple iOS/iPadOS 16 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL |
| AIOS-16-711800 - Apple iOS/iPadOS 16 must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-001000 - Apple iOS/iPadOS 17 must allow the Administrator (MDM) to perform the following management function: enable/disable VPN protection across the device and [selection: other methods] - MDM to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-010950 - Apple iOS/iPadOS 17 must implement the management setting: require passcode for incoming Airplay connection requests. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | ACCESS CONTROL |
| AIOS-17-012400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-701000 - Apple iOS/iPadOS 17 must allow the administrator (MDM) to perform the following management function: enable/disable VPN protection across the device - MDM to perform the following management function: enable/disable VPN protection across the device and [selection: other methods]. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-708400 - Apple iOS/iPadOS 17 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | ACCESS CONTROL |
| AIOS-17-711800 - Apple iOS/iPadOS 17 must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-712400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-712400 - Apple iOS/iPadOS 17 must not allow unmanaged apps to read contacts from managed contacts accounts. | MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| APPL-11-002009 - The macOS system must be configured to disable AirDrop. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-12-005055 - The macOS system must be configured to disable prompts to configure ScreenTime. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-001029 - The macOS system must allocate audit record storage capacity to store at least seven days of audit records when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Apple macOS 13 v1r4 | Unix | AUDIT AND ACCOUNTABILITY |
| APPL-14-001029 - The macOS system must configure audit retention to seven days. | DISA Apple macOS 14 (Sonoma) STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| ARST-RT-000210 - The multicast Rendezvous Point (RP) Arista router must be configured to filter Protocol Independent Multicast (PIM) Register and Join messages received from the Designated Router (DR) for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | ACCESS CONTROL |
| ARST-RT-000570 - The Arista BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000600 - The Arista BGP router must be configured to enable the Generalized TTL Security Mechanism (GTSM). | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000770 - The Arista Multicast Source Discovery Protocol (MSDP) router must be configured to use its loopback address as the source address when originating MSDP traffic. | DISA STIG Arista MLS EOS 4.2x Router v2r1 | Arista | CONTINGENCY PLANNING |
| CASA-VN-000010 - The Cisco ASA must be configured to generate log records containing information to establish what type of VPN events occurred - vpnfo | DISA STIG Cisco ASA VPN v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-VN-000010 - The Cisco ASA must be configured to generate log records containing information to establish what type of VPN events occurred - webfo | DISA STIG Cisco ASA VPN v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-VN-000020 - The Cisco ASA must be configured to generate log records containing information to establish when the events occurred. | DISA STIG Cisco ASA VPN v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CASA-VN-000520 - The Cisco ASA remote access VPN server must be configured to generate log records containing information to establish the source of the events - svc | DISA STIG Cisco ASA VPN v2r1 | Cisco | AUDIT AND ACCOUNTABILITY |
| CISC-RT-000236 - The Cisco router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA STIG Cisco IOS Router RTR v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000236 - The Cisco switch must be configured to advertise a hop limit of at least 32 in Switch Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA STIG Cisco IOS XE Switch RTR v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| CISC-RT-000236 - The Cisco switch must be configured to advertise a hop limit of at least 32 in Switch Advertisement messages for IPv6 stateless auto-configuration deployments. | DISA STIG Cisco IOS Switch RTR v3r1 | Cisco | CONFIGURATION MANAGEMENT |
| EX19-MB-000158 The Exchange receive connector timeout must be limited. | DISA Microsoft Exchange 2019 Mailbox Server STIG v2r1 | Windows | ACCESS CONTROL |
| KNOX-07-017800 - The Samsung Android 7 with Knox must be configured to Disable Bixby. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| OL08-00-010376 - OL 8 must prevent kernel profiling by unprivileged users. | DISA Oracle Linux 8 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010541 - OL 8 must use a separate file system for '/var/log'. | DISA Oracle Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010542 - OL 8 must use a separate file system for the system audit data path. | DISA Oracle Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040024 - OL 8 must disable the transparent inter-process communication (TIPC) protocol. | DISA Oracle Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040026 - OL 8 must disable IEEE 1394 (FireWire) Support. | DISA Oracle Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040300 - The OL 8 file integrity tool must be configured to verify extended attributes. | DISA Oracle Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010541 - RHEL 8 must use a separate file system for /var/log. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-030063 - RHEL 8 must resolve audit information before writing to disk. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040024 - RHEL 8 must disable the transparent inter-process communication (TIPC) protocol. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040026 - RHEL 8 must disable IEEE 1394 (FireWire) Support. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-412075 - RHEL 9 must display the date and time of the last successful account logon upon logon. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010401 - The Ubuntu operating system must restrict access to the kernel message buffer. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-20-010453 - The Ubuntu operating system must display the date and time of the last successful account logon upon logon. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | ACCESS CONTROL |
| UBTU-22-653035 - Ubuntu 22.04 LTS must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA STIG Canonical Ubuntu 22.04 LTS v2r2 | Unix | AUDIT AND ACCOUNTABILITY |
