| 3.042 - Outgoing secure channel traffic is not signed when possible. | DISA Windows 7 STIG v1r32 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.043 - Outgoing secure channel traffic is not encrypted when possible. | DISA Windows Server 2008 MS STIG v6r46 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.045 - The Windows SMB client will be enabled to perform SMB packet signing when possible. | DISA Windows Server 2008 R2 DC STIG v1r34 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.046 - The Windows SMB server will perform SMB packet signing when possible. | DISA Windows Server 2008 R2 MS STIG v1r33 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.114 - The Windows SMB client is not enabled to always perform SMB packet signing. | DISA Windows 7 STIG v1r32 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 3.115 - The Windows Server SMB server is not enabled to always perform SMB packet signing. | DISA Windows Server 2008 MS STIG v6r46 | Windows | IDENTIFICATION AND AUTHENTICATION |
| 4.044 - The system is not configured to require a strong session key. | DISA Windows Server 2008 DC STIG v6r47 | Windows | IDENTIFICATION AND AUTHENTICATION |
| AOSX-15-002062 - The macOS system must be configured with Bluetooth turned off unless approved by the organization - DisableBluetooth | DISA STIG Apple Mac OSX 10.15 v1r8 | Unix | |
| AS24-U1-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - Session | DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware | Unix | |
| AS24-U1-000870 - Cookies exchanged between the Apache web server and the client, such as session cookies, must have cookie properties set to prohibit client-side scripts from reading the cookie data - SessionCookieName | DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware | Unix | |
| Catalina - Disable Bluetooth When no Approved Device is Connected | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Disable Bluetooth When no Approved Device is Connected | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Disable Bluetooth When no Approved Device is Connected | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Disable Bluetooth When no Approved Device is Connected | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000051 - The system must protect the confidentiality and integrity of transmitted information. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-06-000052 - The system must protect the confidentiality and integrity of transmitted information by utilizing different TCP/IP stacks where possible. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| ESXI-65-000048 - The ESXi host must protect the confidentiality and integrity of transmitted information by isolating vMotion traffic. | DISA STIG VMware vSphere ESXi 6.5 v2r2 | VMware | |
| ESXI-65-000050 - The ESXi host must protect the confidentiality and integrity of transmitted information by protecting IP based management traffic. | DISA STIG VMware vSphere ESXi 6.5 v2r3 | VMware | |
| ESXI-65-000052 - The ESXi host must protect the confidentiality and integrity of transmitted information by utilizing different TCP/IP stacks where possible. | DISA STIG VMware vSphere ESXi 6.5 v2r2 | VMware | |
| ESXI-65-000052 - The ESXi host must protect the confidentiality and integrity of transmitted information by utilizing different TCP/IP stacks where possible. | DISA STIG VMware vSphere ESXi 6.5 v2r3 | VMware | |
| EX13-CA-000150 - Exchange OWA must use https - External | DISA Microsoft Exchange 2013 Client Access Server STIG v2r1 | Windows | |
| EX16-ED-000660 - Exchange must provide redundancy. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r4 | Windows | |
| EX16-ED-000690 - Exchange internal Send connectors must require encryption - RequireTLS | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r4 | Windows | |
| IIST-SI-000244 - IIS 10.0 website session IDs must be sent to the client using TLS. | DISA IIS 10.0 Site v2r8 | Windows | |
| IIST-SI-000246 - Cookies exchanged between the IIS 10.0 website and the client must have cookie properties set to prohibit client-side scripts from reading the cookie data - compressionEnabled | DISA IIS 10.0 Site v2r7 | Windows | |
| IIST-SI-000246 - Cookies exchanged between the IIS 10.0 website and the client must have cookie properties set to prohibit client-side scripts from reading the cookie data - requireSSL | DISA IIS 10.0 Site v2r5 | Windows | |
| IIST-SV-000153 - An IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version - TLS 1.0 | DISA IIS 10.0 Server v2r8 | Windows | |
| IIST-SV-000153 - An IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version - TLS 1.1 | DISA IIS 10.0 Server v2r8 | Windows | |
| IIST-SV-000154 - The IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version. | DISA IIS 10.0 Server v2r5 | Windows | |
| IIST-SV-000154 - The IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version. | DISA IIS 10.0 Server v2r1 | Windows | |
| IISW-SI-000244 - IIS 8.5 website session IDs must be sent to the client using TLS. | DISA IIS 8.5 Site v2r7 | Windows | |
| IISW-SV-000152 - IIS 8.5 web server session IDs must be sent to the client using TLS. | DISA IIS 8.5 Server v2r6 | Windows | |
| IISW-SV-000153 - An IIS 8.5 web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version | DISA IIS 8.5 Server v2r6 | Windows | |
| IISW-SV-000153 - An IIS 8.5 web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSL 2.0 | DISA IIS 8.5 Server v2r3 | Windows | |
| IISW-SV-000153 - An IIS 8.5 web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - TLS 1.1 | DISA IIS 8.5 Server v2r5 | Windows | |
| IISW-SV-000154 - A web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version. | DISA IIS 8.5 Server v2r5 | Windows | |
| JBOS-AS-000650 - JBoss must be configured to use an approved TLS version. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | |
| OH12-1X-000308 - OHS must have the LoadModule ossl_module directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r1 | Unix | |
| OH12-1X-000311 - OHS must have the SSLCipherSuite directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r1 | Unix | |
| OH12-1X-000312 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the SecureProxy directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r1 | Unix | |
| OH12-1X-000314 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the WebLogicSSLVersion directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r1 | Unix | |
| OH12-1X-000315 - If using the WebLogic Web Server Proxy Plugin and configuring SSL termination at OHS, OHS must have the WLProxySSL directive enabled to prevent unauthorized disclosure of information during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r1 | Unix | |
| OH12-1X-000321 - OHS must have the SSLFIPS directive enabled to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version. | DISA STIG Oracle HTTP Server 12.1.3 v2r1 | Unix | |
| OH12-1X-000323 - OHS must have the SSLCipherSuite directive enabled to maintain the confidentiality of controlled information during transmission through the use of an approved TLS version. | DISA STIG Oracle HTTP Server 12.1.3 v2r1 | Unix | |
| SOL-11.1-060100 - The operating system must protect the confidentiality of transmitted information. | DISA STIG Solaris 11 SPARC v2r9 | Unix | |
| SOL-11.1-060190 - The operating system must protect the integrity of transmitted information. | DISA STIG Solaris 11 SPARC v2r8 | Unix | |
| SOL-11.1-060190 - The operating system must protect the integrity of transmitted information. | DISA STIG Solaris 11 X86 v2r10 | Unix | |
| UBTU-18-010521 - The Ubuntu operating system must disable all wireless network adapters. | DISA STIG Ubuntu 18.04 LTS v2r11 | Unix | |
| UBTU-18-010521 - The Ubuntu operating system must disable all wireless network adapters. | DISA STIG Ubuntu 18.04 LTS v2r10 | Unix | |
| UBTU-18-010521 - The Ubuntu operating system must disable all wireless network adapters. | DISA STIG Ubuntu 18.04 LTS v2r7 | Unix | |
