| GEN000920 - The root account's home directory (other than /) must have mode 0700 - Not Applicable | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN000930 - The root account's home directory must not have an extended ACL. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001371 - The /etc/nsswitch.conf file must be owned by root - Not Applicable | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001372 - The /etc/nsswitch.conf file must be group-owned by root, bin, sys, or system - Not Applicable | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001373 - The /etc/nsswitch.conf file must have mode 0644 or less permissive - Not Applicable | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001374 - The /etc/nsswitch.conf file must not have an extended ACL. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001475 - The /etc/group file must not contain any group password hashes. | DISA AIX 5.3 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN001540 - All files and directories contained in interactive user's home directories must be owned by the home directory's owner. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001550 - All files and directories in user's home directories must be group-owned by a group the home directory's owner is member. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001570 - All files and directories contained in user home directories must not have extended ACLs. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001590 - All run control scripts must have no extended ACLs - '/etc/init.d' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001640 - Run control scripts must not execute world-writable programs or scripts. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001700 - System start-up files must only execute programs owned by a privileged UID or an application. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/profile' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001730 - All global initialization files must not have extended ACLs - '/etc/security/.profile' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001810 - Skeleton files must not have extended ACLs - '/etc/security/.profile' | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN001940 - User start-up files must not execute world-writable programs. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN002200 - All shell files must be owned by root or bin. | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002210 - All shell files must be group-owned by root, bin, sys, or system. | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN002280 - Device files and directories must only be writable by users with a system account or as configured by the vendor. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN002520 - All public directories must be owned by root or an application account. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN002540 - All public directories must be group-owned by system or an application group. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN003000 - Cron must not execute group-writable or world-writable programs. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN003020 - Cron must not execute programs in, or subordinate to, world-writable directories. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN003360 - The at daemon must not execute group-writable or world-writable programs. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN003380 - The 'at' daemon must not execute programs in, or subordinate to, world-writable directories. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN003520 - The kernel core dump data directory must be owned by root. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN003521 - The kernel core dump data directory must be group-owned by bin, sys, or system. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN003522 - The kernel core dump data directory must have mode 0700 or less permissive. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN003523 - The kernel core dump data directory must not have an extended ACL. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN004220 - Administrative accounts must not run a web browser, except as needed for local service administration. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN004400 - Files executed through a mail aliases file must be owned by root. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN004410 - Files executed through a mail aliases file must be group-owned by root, bin, sys, or other. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN004420 - Files executed through a mail aliases file must have mode 0755 or less permissive. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN004430 - Files executed through a mail aliases file must not have extended ACLs. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN004900 - The ftpusers file must contain account names not allowed to use FTP. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN005000 - Anonymous FTP accounts must not have a functional shell. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN005120 - The TFTP daemon must be configured to vendor specs including a home directory owned by the TFTP user | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN005120 - The TFTP daemon must be configured to vendor specs including a home directory owned by the TFTP user - 'tftp user exists' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005120 - The TFTP daemon must be configured to vendor specs including a home directory owned by the TFTP user - 'tftp user shell' | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN005200 - X displays must not be exported to the world. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN005240 - The .Xauthority utility must only permit access to authorized hosts. | DISA AIX 5.3 STIG v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN005340 - Management Information Base (MIB) files must have mode 0640 or less permissive. | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005521 - The SSH daemon must restrict login ability to specific users and/or groups. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN005536 - The SSH daemon must perform strict mode checking of home directory configuration files. | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005800 - All NFS-exported system files and system directories must be owned by root. | DISA AIX 5.3 STIG v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN005810 - All NFS-exported system files and system directories must be group-owned by root, bin, sys, or system. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
| GEN005880 - The NFS server must not allow remote root access. | DISA AIX 5.3 STIG v1r2 | Unix | ACCESS CONTROL |
