Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-001166
CCI
CCI|CCI-001166
Title
Identify organization-defined unacceptable mobile code.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
ARDC-CL-000005 - Adobe Reader DC must enable Enhanced Security in a Standalone Application.
Windows
DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000010 - Adobe Reader DC must enable Enhanced Security in a Browser.
Windows
DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000015 - Adobe Reader DC must enable Protected Mode.
Windows
DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000020 - Adobe Reader DC must enable Protected View.
Windows
DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000025 - Adobe Reader DC must Block Websites.
Windows
DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000030 - Adobe Reader DC must block access to Unknown Websites.
Windows
DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000035 - Adobe Reader DC must prevent opening files other than PDF or FDF.
Windows
DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CL-000045 - Adobe Reader DC must block Flash Content.
Windows
DISA STIG Adobe Acrobat Reader DC Classic Track v2r1
ARDC-CN-000005 - Adobe Reader DC must enable Enhanced Security in a Standalone Application.
Windows
DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000010 - Adobe Reader DC must enable Enhanced Security in a Browser.
Windows
DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000015 - Adobe Reader DC must enable Protected Mode.
Windows
DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000020 - Adobe Reader DC must enable Protected View.
Windows
DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000025 - Adobe Reader DC must Block Websites.
Windows
DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000030 - Adobe Reader DC must block access to Unknown Websites.
Windows
DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000035 - Adobe Reader DC must prevent opening files other than PDF or FDF.
Windows
DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
ARDC-CN-000045 - Adobe Reader DC must block Flash Content.
Windows
DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000030 - The Apache web server must use encryption strength in accordance with the categorization of data hosted by the Apache web server when remote connections are provided.
Unix
DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine
Windows
DISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocol
Windows
DISA STIG Apache Server 2.4 Windows Site v2r1
DTBC-0002 - Site tracking users location must be disabled.
Windows
DISA STIG Google Chrome v2r9
DTBC-0038 - Safe Browsing must be enabled.
Windows
DISA STIG Google Chrome v2r9
DTBC-0057 - Safe Browsing Extended Reporting must be disabled.
Windows
DISA STIG Google Chrome v2r9
DTBC-0066 - Anonymized data collection must be disabled.
Windows
DISA STIG Google Chrome v2r9
DTBC-0067 - Collection of WebRTC event logs must be disabled.
Windows
DISA STIG Google Chrome v2r9
DTBC-0069 - Guest Mode must be disabled.
Windows
DISA STIG Google Chrome v2r9
DTBC-0070 - AutoFill for credit cards must be disabled.
Windows
DISA STIG Google Chrome v2r9
DTBC-0071 - AutoFill for addresses must be disabled.
Windows
DISA STIG Google Chrome v2r9
DTBC-0072 - Import AutoFill form data must be disabled.
Windows
DISA STIG Google Chrome v2r9
DTBI590-IE11 - Internet Explorer Processes for MIME handling must be enforced. (Reserved)
Windows
DISA STIG IE 11 v2r5
DTBI592-IE11 - Internet Explorer Processes for MIME handling must be enforced (Explorer).
Windows
DISA STIG IE 11 v2r5
DTBI594-IE11 - Internet Explorer Processes for MIME handling must be enforced (iexplore).
Windows
DISA STIG IE 11 v2r5
DTBI595-IE11 - Internet Explorer Processes for MIME sniffing must be enforced (Reserved).
Windows
DISA STIG IE 11 v2r5
DTBI596-IE11 - Internet Explorer Processes for MIME sniffing must be enforced (Explorer).
Windows
DISA STIG IE 11 v2r5
DTBI597-IE11 - Internet Explorer Processes for MIME sniffing must be enforced (iexplore).
Windows
DISA STIG IE 11 v2r5
DTBI740-IE11 - Managing SmartScreen Filter use must be enforced.
Windows
DISA STIG IE 11 v2r5
IIST-SV-000130 - Java software installed on a production IIS 10.0 web server must be limited to .class files and the Java Virtual Machine.
Windows
DISA IIS 10.0 Server v2r10
IIST-SV-000130 - Java software installed on a production IIS 10.0 web server must be limited to .class files and the Java Virtual Machine.
Windows
DISA IIS 10.0 Server v3r1
IISW-SV-000130 - Java software installed on a production IIS 8.5 web server must be limited to .class files and the Java Virtual Machine.
Windows
DISA IIS 8.5 Server v2r7
JUSX-IP-000008 - The Juniper Networks SRX Series Gateway IDPS must detect, at a minimum, mobile code that is unsigned or exhibiting unusual behavior, has not undergone a risk assessment, or is prohibited for use based on a risk assessment.
Juniper
DISA Juniper SRX Services Gateway IDPS v2r1
OH12-1X-000265 - OHS utilizing mobile code must meet DoD-defined mobile code requirements.
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2