| 1.1.4 - MobileIron - Set 'timeout in minutes' for 'Sleep' | MobileIron - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 2.1.5 - AirWatch - Set the 'timeout' for 'Time without user input before password must be re-entered (in minutes)' | AirWatch - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 2.1.5 - MobileIron - Set the 'timeout' for 'Time without user input before password must be re-entered (in minutes)' | MobileIron - CIS Google Android 4 v1.0.0 L1 | MDM | ACCESS CONTROL |
| 2.2.2 (L2) Ensure 'Control use of the Web Bluetooth API' is set to 'Enabled: Do not allow any site to request access to Bluetooth devices via the Web Bluetooth API' | CIS Google Chrome L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.2.3 (L2) Ensure 'Control use of the WebUSB API' is set to 'Enabled: Do not allow any site to request access to USB devices via the WebUSB API' | CIS Google Chrome L2 v3.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 3.1.4.5 NFS - no root access via NFS exports | CIS IBM AIX 7.1 L1 v2.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 3.11.20.1 (L1) Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | CIS Microsoft Intune for Windows 11 v3.0.1 L1 | Windows | CONFIGURATION MANAGEMENT |
| 5.3.17 Ensure only strong MAC algorithms are used - MACs employing FIPS 140-2 approved cryptographic hash algorithms. | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| 8.4.9 (L2) Ensure Drag and Drop Version Get is disabled | CIS VMware ESXi 7.0 v1.4.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.10 (L2) Ensure Drag and Drop Version Set is disabled | CIS VMware ESXi 7.0 v1.4.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.11 Ensure Shell Action is disabled | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.13 (L2) Ensure Trash Folder State is disabled | CIS VMware ESXi 7.0 v1.4.0 L2 | VMware | CONFIGURATION MANAGEMENT |
| 8.4.17 Ensure GetCreds is disabled | CIS VMware ESXi 6.7 v1.3.0 Level 2 | VMware | CONFIGURATION MANAGEMENT |
| 18.2.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only) | CIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.2.2 Ensure 'Do not allow password expiration time longer than required by policy' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.2.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only) | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.2.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.2.5 Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' | CIS Windows 7 Workstation Level 1 v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.2.5 Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.1 (L1) Ensure LAPS AdmPwd GPO Extension / CSE is installed (MS only) | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.3 (L1) Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only) | CIS Microsoft Windows Server 2016 v3.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.3 Ensure 'Enable Local Admin Password Management' is set to 'Enabled' (MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| 18.3.4 (L1) Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only) | CIS Windows Server 2012 R2 MS L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.3.4 Ensure 'Password Settings: Password Complexity' is set to 'Enabled: Large letters + small letters + numbers + special characters' (MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.3.5 (L1) Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' (MS only) | CIS Windows Server 2012 MS L1 v3.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.3.5 Ensure 'Password Settings: Password Length' is set to 'Enabled: 15 or more' (MS only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 L1 MS | Windows | IDENTIFICATION AND AUTHENTICATION |
| 18.6.8.6 (L1) Ensure 'Mandate the minimum version of SMB' is set to 'Enabled: 3.1.1' | CIS Microsoft Windows 11 Enterprise v4.0.0 L2 BitLocker | Windows | CONFIGURATION MANAGEMENT |
| 18.6.8.6 (L1) Ensure 'Mandate the minimum version of SMB' is set to 'Enabled: 3.1.1' | CIS Microsoft Windows Server 2025 v1.0.0 L1 MS | Windows | CONFIGURATION MANAGEMENT |
| 18.6.8.7 (L1) Ensure 'Require Encryption' is set to 'Enabled' | CIS Microsoft Windows 11 Enterprise v4.0.0 L1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0 | Windows | CONFIGURATION MANAGEMENT |
| 18.10.34.1 (L1) Ensure 'Disable Internet Explorer 11 as a standalone browser' is set to 'Enabled: Always' | CIS Microsoft Windows 10 Enterprise v3.0.0 L1 + BL | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| CIS_AIX_7.1_Benchmark_v2.1.0_Level_2.audit from CIS AIX 7.1 Benchmark v2.1.0 Level 2 Benchmark | CIS IBM AIX 7.1 L2 v2.1.0 | Unix | |
| DG0025-ORACLE11 - DBMS cryptography must be NIST FIPS 140-2 validated - '%ORACLE_HOME%\NETWORK\ADMIN\SQLNET.ora SQLNET.SSLFIPS_140 = TRUE' | DISA STIG Oracle 11 Installation v9r1 Windows | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000010 - The VMM must use DoD-approved encryption to protect the confidentiality of remote access sessions. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | ACCESS CONTROL |
| GEN000500-2 - The graphical desktop environment must set the idle timeout to no more than 15 minutes. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| HONW-09-008400 - On all Honeywell Mobility Edge Android Pie devices, cryptography must be configured to be in FIPS 140-2 validated mode. | AirWatch - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-008400 - On all Honeywell Mobility Edge Android Pie devices, cryptography must be configured to be in FIPS 140-2 validated mode. | MobileIron - DISA Honeywell Android 9.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-008400 - On all Honeywell Mobility Edge Android Pie devices, cryptography must be configured to be in FIPS 140-2 validated mode. | AirWatch - DISA Honeywell Android 9.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| HONW-09-008400 - On all Honeywell Mobility Edge Android Pie devices, cryptography must be configured to be in FIPS 140-2 validated mode. | MobileIron - DISA Honeywell Android 9.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | DISA MariaDB Enterprise 10.x v2r2 OS Linux | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-012100 - MariaDB must implement NIST FIPS 140-2 validated cryptographic modules to provision digital signatures. | DISA MariaDB Enterprise 10.x v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| O365-WD-000008 - Open/Save of Word 2 and earlier binary documents and templates must be blocked. | DISA STIG Microsoft Office 365 ProPlus v3r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010159 - The OL 8 'pam_unix.so' module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Oracle Linux 8 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL08-00-010160 - The OL 8 'pam_unix.so' module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Oracle Linux 8 STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-40-000059 The Photon operating system must use mechanisms meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010159 - The RHEL 8 pam_unix.so module must be configured in the system-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-08-010160 - The RHEL 8 pam_unix.so module must be configured in the password-auth file to use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-16-010180 - The pam_unix.so module must use a FIPS 140-2 approved cryptographic hashing algorithm for system authentication. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCFL-67-000005 - vSphere Client must be configured with FIPS 140-2 compliant ciphers for HTTPS connections. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
