| 1.1 Ensure packages are obtained from authorized repositories | CIS PostgreSQL 11 OS v1.0.0 | Unix | CONFIGURATION MANAGEMENT |
| 1.3 Ensure Installation of Community Packages | CIS PostgreSQL 11 OS v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 1.41 WN19-00-000410 | CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.41 WN19-00-000410 | CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.41 WN22-00-000410 | CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II | Windows | CONFIGURATION MANAGEMENT |
| 1.41 WN22-00-000410 | CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II | Windows | CONFIGURATION MANAGEMENT |
| 2.19 Set 'Require client MAPI encryption' to 'True' | CIS Microsoft Exchange Server 2016 CAS v1.0.0 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| 7 - File system permissions of log files | TNS Best Practice JBoss 7 Linux | Unix | CONFIGURATION MANAGEMENT |
| Adtran : Disable WEP security mode | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| Adtran : Enable security mode on virtual access point (VAP) | TNS Adtran AOS Best Practice Audit | Adtran | ACCESS CONTROL |
| AMLS-L2-000130 - The Arista Multilayer Switch must authenticate all endpoint devices before establishing a network connection using bidirectional authentication that is cryptographically based - dot1x system-auth-control | DISA STIG Arista MLS DCS-7000 Series L2S v1r3 | Arista | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000010 - HTTP management session traffic must be encrypted. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| JBOS-AS-000015 - HTTPS must be enabled for JBoss web interfaces. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| JBOS-AS-000035 - The JBoss server must be configured with Role Based Access Controls. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| JBOS-AS-000045 - Silent Authentication must be removed from the Default Application Security Realm. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| JBOS-AS-000050 - Silent Authentication must be removed from the Default Management Security Realm. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| JBOS-AS-000075 - JBoss management interfaces must be secured. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| JBOS-AS-000080 - The JBoss server must generate log records for access and authentication events to the management interface. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000085 - JBoss must be configured to allow only the ISSM (or individuals or roles appointed by the ISSM) to select which loggable events are to be logged. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000135 - JBoss ROOT logger must be configured to utilize the appropriate logging level. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000165 - File permissions must be configured to protect log information from any type of unauthorized read access. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000170 - File permissions must be configured to protect log information from unauthorized modification. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000175 - File permissions must be configured to protect log information from unauthorized deletion. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000195 - JBoss log records must be off-loaded onto a different system or system component a minimum of every seven days. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000220 - JBoss process owner interactive access must be restricted. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000225 - Google Analytics must be disabled in EAP Console. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000230 - JBoss process owner execution permissions must be limited. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000240 - Remote access to JMX subsystem must be disabled. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000245 - Welcome Web Application must be disabled - Welcome Web Application must be disabled. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000285 - The JBoss server must be configured to bind the management interfaces to only management networks. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000290 - JBoss management Interfaces must be integrated with a centralized authentication mechanism that is configured to manage accounts according to DoD policy. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000295 - The JBoss Password Vault must be used for storing passwords or other sensitive configuration information. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000355 - The JBoss server must separate hosted application functionality from application server management functionality. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000400 - JBoss file permissions must be configured to protect the confidentiality and integrity of application files. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000425 - Access to JBoss log files must be restricted to authorized users. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JBOS-AS-000475 - The application server must prevent non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| JBOS-AS-000480 - The JBoss server must be configured to log all admin activity. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | ACCESS CONTROL |
| JBOS-AS-000505 - The JBoss server must be configured to utilize syslog logging. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | AUDIT AND ACCOUNTABILITY |
| JBOS-AS-000545 - Production JBoss servers must not allow automatic application deployment. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000550 - Production JBoss servers must log when failed application deployments occur. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000555 - Production JBoss servers must log when successful application deployments occur. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | CONFIGURATION MANAGEMENT |
| JBOS-AS-000650 - JBoss must be configured to use an approved TLS version. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000655 - JBoss must be configured to use an approved cryptographic algorithm in conjunction with TLS. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000680 - Production JBoss servers must be supported by the vendor. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| JBOS-AS-000685 - The JRE installed on the JBoss server must be kept up to date. | DISA JBoss Enterprise Application Platform 6.3 STIG v2r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WN12-00-000220 - Windows PowerShell 2.0 must not be installed on Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN12-00-000220 - Windows PowerShell 2.0 must not be installed on Windows 2012/2012 R2. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000410 - Windows Server 2019 must not have Windows PowerShell 2.0 installed. | DISA Microsoft Windows Server 2019 STIG v3r7 | Windows | CONFIGURATION MANAGEMENT |
| WN19-00-000410 - Windows Server 2019 must not have Windows PowerShell 2.0 installed. | DISA Microsoft Windows Server 2019 STIG v3r5 | Windows | CONFIGURATION MANAGEMENT |
| WN22-00-000410 - Windows Server 2022 must not have Windows PowerShell 2.0 installed. | DISA Microsoft Windows Server 2022 STIG v2r7 | Windows | CONFIGURATION MANAGEMENT |
