Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002530
CCI
CCI|CCI-002530
Title
Maintain a separate execution domain for each executing system process.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
AADC-CL-000205 - Adobe Acrobat Pro DC Classic Enhanced Security for standalone mode must be enabled.
Windows
DISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CL-000210 - Adobe Acrobat Pro DC Classic Enhanced Security for browser mode must be enabled.
Windows
DISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CL-001010 - Adobe Acrobat Pro DC Classic Protected Mode must be enabled.
Windows
DISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CL-001015 - Adobe Acrobat Pro DC Classic Protected View must be enabled.
Windows
DISA STIG Adobe Acrobat Pro DC Classic Track v2r1
AADC-CN-000205 - Adobe Acrobat Pro DC Continuous Enhanced Security for standalone mode must be enabled.
Windows
DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
AADC-CN-000210 - Adobe Acrobat Pro DC Continuous Enhanced Security for browser mode must be enabled.
Windows
DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
AADC-CN-001010 - Adobe Acrobat Pro DC Continuous Protected Mode must be enabled.
Windows
DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
AADC-CN-001015 - Adobe Acrobat Pro DC Continuous Protected View must be enabled.
Windows
DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1
ADBP-XI-000205 - Adobe Acrobat Pro XI Enhanced Security for standalone mode must be enabled.
Windows
DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ADBP-XI-000210 - Adobe Acrobat Pro XI Enhanced Security for browser mode must be enabled.
Windows
DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ADBP-XI-001010 - Adobe Acrobat Pro XI Protected Mode must be enabled.
Windows
DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
ADBP-XI-001015 - Adobe Acrobat Pro XI Protected View must be enabled.
Windows
DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2
AIOS-15-009700 - Apple iOS/iPadOS 15 must not allow non-DoD applications to access DoD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 14 v1r4
AIOS-15-009700 - Apple iOS/iPadOS 15 must not allow non-DoD applications to access DoD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 14 v1r4
AIOS-16-009700 - Apple iOS/iPadOS 16 must not allow non-DoD applications to access DoD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-009700 - Apple iOS/iPadOS 16 must not allow non-DoD applications to access DoD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-709700 - Apple iOS/iPadOS 16 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1
AIOS-16-709700 - Apple iOS/iPadOS 16 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1
AIOS-16-714900 - Apple iOS/iPadOS 16 must not allow DOD applications to access non-DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1
AIOS-16-714900 - Apple iOS/iPadOS 16 must not allow DOD applications to access non-DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1
AIOS-17-009700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-009700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-709700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1
AIOS-17-709700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1
AIOS-17-714900 - Apple iOS/iPadOS 17 must not allow DOD applications to access non-DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1
AIOS-17-714900 - Apple iOS/iPadOS 17 must not allow DOD applications to access non-DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1
AIOS-18-009700 - Apple iOS/iPadOS 18 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 18 v1r1
AIOS-18-009700 - Apple iOS/iPadOS 18 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 18 v1r1
APPNET0065 - Trust must be established prior to enabling the loading of remote code in .Net 4.
Windows
DISA STIG for Microsoft Dot Net Framework 4.0 v2r4
APPNET0070 - Software utilizing .Net 4.0 must be identified and relevant access controls configured.
Windows
DISA STIG for Microsoft Dot Net Framework 4.0 v2r4
CNTR-R2-000970 Rancher RKE2 runtime must maintain separate execution domains for each container by assigning each container a separate address space to prevent unauthorized and unintended information transfer via shared system resources.
Unix
DISA Rancher Government Solutions RKE2 STIG v2r2
EX13-CA-000140 - Exchange software must be installed on a separate partition from the OS.
Windows
DISA Microsoft Exchange 2013 Client Access Server STIG v2r2
EX13-EG-000310 - Exchange software must be installed on a separate partition from the OS.
Windows
DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6
EX13-MB-000310 - The Exchange Email application must not share a partition with another application.
Windows
DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3
EX16-ED-000620 - Exchange software must be installed on a separate partition from the OS.
Windows
DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r5
EX16-MB-000620 - The Exchange Email application must not share a partition with another application.
Windows
DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6
EX19-ED-000230 - Exchange software must be installed on a separate partition from the OS.
Windows
DISA Microsoft Exchange 2019 Edge Server STIG v2r1
EX19-MB-000229 - The Exchange email application must not share a partition with another application.
Windows
DISA Microsoft Exchange 2019 Mailbox Server STIG v2r2
GOOG-12-008900 - Google Android 12 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
AirWatch - DISA Google Android 12 COPE v1r2
GOOG-12-008900 - Google Android 12 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
MobileIron - DISA Google Android 12 COPE v1r2
GOOG-13-008900 - Google Android 13 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
AirWatch - DISA Google Android 13 COPE v2r1
GOOG-13-708900 - Google Android 13 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
AirWatch - DISA Google Android 13 BYOD v1r2
GOOG-13-708900 - Google Android 13 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
MobileIron - DISA Google Android 13 BYOD v1r2
GOOG-14-008900 - Google Android 14 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
AirWatch - DISA Google Android 14 COPE v2r1
GOOG-14-708900 - Google Android 14 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
AirWatch - DISA Google Android 14 BYOAD v1r1
MSFT-11-004500 - Microsoft Android 11 must be configured to disable exceptions to the access control policy that prevent application processes from accessing all data stored by other application processes - Copy/Paste
MDM
MobileIron - DISA Microsoft Android 11 COPE v1r2
MSFT-11-004500 - Microsoft Android 11 must be configured to disable exceptions to the access control policy that prevent application processes from accessing all data stored by other application processes - Sharing data into the profile
MDM
MobileIron - DISA Microsoft Android 11 COPE v1r2
MSFT-11-004500 - Microsoft Android 11 must be configured to disable exceptions to the access control policy that prevent application processes from accessing all data stored by other application processes.
MDM
AirWatch - DISA Microsoft Android 11 COPE v1r2
SQL6-D0-012300 - SQL Server must maintain a separate execution domain for each executing process.
MS_SQLDB
DISA STIG SQL Server 2016 Instance DB Audit v3r2
SQL6-D0-012400 - SQL Server services must be configured to run under unique dedicated user accounts.
MS_SQLDB
DISA STIG SQL Server 2016 Instance DB Audit v3r2