| AS24-U1-000360 - The Apache web server must be configured to use a specified IP address and port. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| AS24-U1-000360 - The Apache web server must be configured to use a specified IP address and port. | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| DKER-EE-001050 - TCP socket binding for all Docker Engine - Enterprise nodes in a Universal Control Plane (UCP) cluster must be disabled. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003602 - The system must not process Internet Control Message Protocol (ICMP) timestamp requests - 'timestamp-reply -j DROP' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003602 - The system must not process Internet Control Message Protocol (ICMP) timestamp requests - 'timestamp-request -j DROP' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003603 - The system must not respond to Internet Control Message Protocol v4 (ICMPv4) echoes sent to a broadcast address. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003604 - The system must not respond to Internet Control Message Protocol (ICMP) timestamp requests sent to a broadcast address. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003607 - The system must not accept source-routed IPv4 packets - 'net.ipv4.conf.all.accept_source_route' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003607 - The system must not accept source-routed IPv4 packets - 'net.ipv4.conf.default.accept_source_route' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003609 - The system must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages - 'net.ipv4.conf.all.accept_redirects' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003609 - The system must ignore IPv4 Internet Control Message Protocol (ICMP) redirect messages - 'net.ipv4.conf.default.accept_redirects' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003610 - The system must not send IPv4 Internet Control Message Protocol (ICMP) redirects - 'net.ipv4.conf.all.send_redirects' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003610 - The system must not send IPv4 Internet Control Message Protocol (ICMP) redirects - 'net.ipv4.conf.default.send_redirects' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN007860 - The system must ignore IPv6 ICMP redirect messages. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN007920 - The system must not forward IPv6 source-routed packets - 'net.ipv6.conf.all.forwarding' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN007920 - The system must not forward IPv6 source-routed packets - 'net.ipv6.conf.default.forwarding' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| MD3X-00-000290 - Unused database components that are integrated in MongoDB and cannot be uninstalled must be disabled. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | CONFIGURATION MANAGEMENT |
| OL07-00-040100 - The Oracle Linux operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management Component Local Service Assessment (PPSM CLSA) and vulnerability assessments - PPSM CLSA and vulnerability assessments. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| PGS9-00-000100 - PostgreSQL must be configured to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services, as defined in the PPSM CAL and vulnerability assessments. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | CONFIGURATION MANAGEMENT |
| RHEL-07-040100 - The Red Hat Enterprise Linux operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services, as defined in the Ports, Protocols, and Services Management Component Local Service Assessment (PPSM CLSA) and vulnerability assessments. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-251010 - RHEL 9 must have the firewalld package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| RHEL-09-251015 - The firewalld service on RHEL 9 must be active. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| SLES-12-030030 - The SUSE operating system must be configured to prohibit or restrict the use of functions, ports, protocols, and/or services as defined in the Ports, Protocols, and Services Management (PPSM) Category Assignments List (CAL) and vulnerability assessments. | DISA SLES 12 STIG v2r13 | Unix | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT |
| SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception). | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| SOL-11.1-050240 - The boundary protection system (firewall) must be configured to deny network traffic by default and must allow network traffic by exception (i.e., deny all, permit by exception). | DISA STIG Solaris 11 SPARC v3r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, MAINTENANCE |
| VCSA-70-000009 - The vCenter Server must use TLS 1.2, at a minimum, to protect the confidentiality of sensitive data during electronic dissemination using remote access. | DISA STIG VMware vSphere 7.0 vCenter v1r3 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000009 The vCenter Server must use DOD-approved encryption to protect the confidentiality of network sessions. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
