| ADBP-XI-001315 - Adobe Acrobat Pro XI SharePoint and Office365 Access must be disabled. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | CONFIGURATION MANAGEMENT |
| AIOS-02-080007 - Apple iOS must disable automatic transfer of diagnostic data to an external device other than an enrolled MDM service. | AirWatch - DISA Apple iOS 10 v1r3 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011600 - Apple iOS/iPadOS 15 must implement the management setting: not have any Family Members in Family Sharing. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-011600 - Apple iOS/iPadOS 15 must implement the management setting: not have any Family Members in Family Sharing. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-012400 - Apple iOS/iPadOS 15 must not allow unmanaged apps to read contacts from managed contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013100 - Apple iOS/iPadOS 15 must disable Find My Friends in the Find My app. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-15-013400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-010900 - Apple iOS/iPadOS 16 must implement the management setting: require the user to enter a password when connecting to an AirPlay-enabled device for the first time. | MobileIron - DISA Apple iOS/iPadOS 16 v2r1 | MDM | ACCESS CONTROL |
| AIOS-16-711800 - Apple iOS/iPadOS 16 must implement the management setting: force Apple Watch wrist detection. | MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-16-713400 - The Apple iOS must be configured to disable automatic transfer of diagnostic data to an external device other than an MDM service with which the device has enrolled. | AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-008400 - Apple iOS/iPadOS 18 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | ACCESS CONTROL |
| AIOS-18-010500 - Apple iOS/iPadOS 18 must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-18-010600 - Apple iOS/iPadOS 18 must implement the management setting: not allow automatic completion of Safari browser passcodes. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-010800 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of Handoff. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-010800 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of Handoff. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-010850 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of iPhone widgets on Mac. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-010850 - Apple iOS/iPadOS 18 must implement the management setting: not allow use of iPhone widgets on Mac. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-012400 - Apple iOS/iPadOS 18 must not allow unmanaged apps to read contacts from managed contacts accounts. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-013100 - Apple iOS/iPadOS 18 must disable 'Find My Friends' in the 'Find My' app - Find My app. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016100 - Apple iOS/iPadOS 18 must disable the use of voice assistant (Siri) unless required to meet Section 508 compliance requirements. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016300 - Apple iOS/iPadOS 18 must disable the use of voice assistant (Siri suggestions) unless required to meet Section 508 compliance requirements. | MobileIron - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-016800 - Apple iOS/iPadOS 18 must disable AirPrint: Allow storage of AirPrint credentials in Keychain. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017100 - Apple iOS/iPadOS 18 must disable Allowed Content Ratings (TV Shows). | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-18-017200 - Apple iOS/iPadOS 18 must disable the Apple Intelligence feature: Image Wand. | AirWatch - DISA Apple iOS/iPadOS 18 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| APPL-11-002009 - The macOS system must be configured to disable AirDrop. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002009 - The macOS system must be configured to disable AirDrop. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-14-004050 The macOS system must configure install.log retention to 365. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| ARST-RT-000210 - The multicast Rendezvous Point (RP) Arista router must be configured to filter Protocol Independent Multicast (PIM) Register and Join messages received from the Designated Router (DR) for any undesirable multicast groups and sources. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | ACCESS CONTROL |
| ARST-RT-000520 - The Arista router must be configured to have IP directed broadcast disabled on all interfaces. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000570 - The Arista BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | SYSTEM AND COMMUNICATIONS PROTECTION |
| ARST-RT-000700 - The MPLS router must be configured to use its loopback address as the source address for LDP peering sessions. | DISA STIG Arista MLS EOS 4.x Router v2r2 | Arista | CONTINGENCY PLANNING |
| F5BI-AP-000236 - The F5 BIG-IP appliance must be configured to limit authenticated client sessions to initial session source IP. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| FFOX-00-000021 - Firefox autoplay must be disabled. | DISA STIG Mozilla Firefox Windows v6r6 | Windows | CONFIGURATION MANAGEMENT |
| GOOG-15-007700 - Google Android 15 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Google Android 15 COBO v1r2 | MDM | ACCESS CONTROL |
| HONW-13-007700 - Honeywell Android 13 must be configured to display the DOD advisory warning message at startup or each time the user unlocks the device. | AirWatch - DISA Honeywell Android 13 COPE v1r1 | MDM | ACCESS CONTROL |
| HONW-13-010900 - Android 13 devices must be configured to disable the use of third-party keyboards. | MobileIron - DISA Honeywell Android 13 COBO v1r1 | MDM | CONFIGURATION MANAGEMENT |
| JUEX-L2-000160 - The Juniper EX switch must be configured to enable IGMP or MLD Snooping on all VLANs. | DISA Juniper EX Series Layer 2 Switch v2r3 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-L2-000250 - The Juniper EX switch must not have any access interfaces assigned to a VLAN configured as native for any trunked interface. | DISA Juniper EX Series Layer 2 Switch v2r3 | Juniper | CONFIGURATION MANAGEMENT |
| JUEX-RT-000660 - The Juniper BGP router must be configured to limit the prefix size on any inbound route advertisement to /24 or the least significant prefixes issued to the customer. | DISA Juniper EX Series Router v2r1 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-RT-000980 - The Juniper Multicast Source Discovery Protocol (MSDP) router must be configured to use its loopback address as the source address when originating MSDP traffic. | DISA Juniper EX Series Router v2r1 | Juniper | CONFIGURATION MANAGEMENT |
| KNOX-07-004300 - The Samsung must be configured to display the DoD advisory warning message at start-up or when the user unlocks the device. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | ACCESS CONTROL |
| KNOX-07-018000 - The Samsung Android 7 with Knox must be configured to Disable Smart Call. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| OL09-00-002330 - OL 9 must enable Linux audit logging for the USBGuard daemon. | DISA Oracle Linux 9 STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-20-010215 - The Ubuntu operating system must allocate audit record storage capacity to store at least one weeks' worth of audit records, when audit records are not immediately sent to a central audit record storage facility. | DISA Canonical Ubuntu 20.04 LTS STIG v2r3 | Unix | AUDIT AND ACCOUNTABILITY |
| UBTU-24-100010 - Ubuntu 24.04 LTS must not have the "systemd-timesyncd" package installed. | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-24-901220 - Ubuntu 24.04 LTS must record time stamps for audit records that can be mapped to Coordinated Universal Time (UTC) or Greenwich Mean Time (GMT). | DISA Canonical Ubuntu 24.04 LTS STIG v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000380 - The WebSphere Application Server must generate log records when attempts to access subject privileges occur. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000640 - The WebSphere Application Server must alert the SA and ISSO, in the event of a log processing failure - enabled | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-000740 - The WebSphere Application Server must be configured to protect log information from any type of unauthorized read access. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| WBSP-AS-001580 - The WebSphere Application Server memory session settings must be defined according to application load requirements. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
