Total Doc STIGs
1784
Pending
1777
Awaiting Review
7
Documented
0
Not Required
0
N/A
0
Documentation Compliance Progress
0% Addressed
7 / 1784 STIGs
Documented
Awaiting Review
Not Required
N/A
Pending
Pending Documentation Review (1777)
These STIGs require documentation - link to a document or mark as N/A
| V-Number | Title | Severity | Benchmark | Action |
|---|---|---|---|---|
| V-204758 | The application server must utilize FIPS 140-2 app... | CAT I | Application Server Security Re... | Set Status |
| V-204766 | The application server must generate a unique sess... | CAT I | Application Server Security Re... | Set Status |
| V-204800 | The application server must accept Personal Identi... | CAT I | Application Server Security Re... | Set Status |
| V-204801 | The application server must electronically verify ... | CAT I | Application Server Security Re... | Set Status |
| V-204812 | The application server must implement cryptographi... | CAT I | Application Server Security Re... | Set Status |
| V-204813 | The application must implement cryptographic mecha... | CAT I | Application Server Security Re... | Set Status |
| V-204816 | The application server must protect the confidenti... | CAT I | Application Server Security Re... | Set Status |
| V-204817 | The application server must remove all export ciph... | CAT I | Application Server Security Re... | Set Status |
| V-205647 | Windows Server 2019 PKI certificates associated wi... | CAT I | Microsoft Windows Server 2019 ... | Set Status |
| V-205750 | Windows Server 2019 Act as part of the operating s... | CAT I | Microsoft Windows Server 2019 ... | Set Status |
| V-205753 | Windows Server 2019 Create a token object user rig... | CAT I | Microsoft Windows Server 2019 ... | Set Status |
| V-205757 | Windows Server 2019 Debug programs: user right mus... | CAT I | Microsoft Windows Server 2019 ... | Set Status |
| V-205907 | Windows Server 2019 must be running Credential Gua... | CAT I | Microsoft Windows Server 2019 ... | Set Status |
| V-206390 | The web server must use cryptographic modules that... | CAT I | Web Server Security Requiremen... | Set Status |
| V-206399 | The web server must generate a unique session iden... | CAT I | Web Server Security Requiremen... | Set Status |
| V-206431 | The web server must encrypt user identifiers and p... | CAT I | Web Server Security Requiremen... | Set Status |
| V-206434 | The web server must employ cryptographic mechanism... | CAT I | Web Server Security Requiremen... | Set Status |
| V-206520 | The DBMS must integrate with an organization-level... | CAT I | Database Security Requirements... | Set Status |
| V-206604 | The DBMS must implement cryptographic mechanisms t... | CAT I | Database Security Requirements... | Set Status |
| V-206605 | The DBMS must implement cryptographic mechanisms p... | CAT I | Database Security Requirements... | Set Status |
| V-213496 | Java permissions must be set for hosted applicatio... | CAT I | JBoss Enterprise Application P... | Set Status |
| V-213701 | When using command-line tools such as db2, users m... | CAT I | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213718 | DB2 must prevent non-privileged users from executi... | CAT I | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213900 | SQL Server databases must integrate with an organi... | CAT I | MS SQL Server 2016 Database Se... | Set Status |
| V-213901 | SQL Server must enforce approved authorizations fo... | CAT I | MS SQL Server 2016 Database Se... | Set Status |
| V-213926 | SQL Server must implement cryptographic mechanisms... | CAT I | MS SQL Server 2016 Database Se... | Set Status |
| V-213927 | SQL Server must implement cryptographic mechanisms... | CAT I | MS SQL Server 2016 Database Se... | Set Status |
| V-213930 | SQL Server must integrate with an organization-lev... | CAT I | MS SQL Server 2016 Instance Se... | Set Status |
| V-213932 | SQL Server must enforce approved authorizations fo... | CAT I | MS SQL Server 2016 Instance Se... | Set Status |
| V-213952 | SQL Server software installation account must be r... | CAT I | MS SQL Server 2016 Instance Se... | Set Status |
| V-213967 | Confidentiality of information during transmission... | CAT I | MS SQL Server 2016 Instance Se... | Set Status |
| V-213972 | SQL Server must protect the confidentiality and in... | CAT I | MS SQL Server 2016 Instance Se... | Set Status |
| V-214045 | When using command-line tools such as SQLCMD in a ... | CAT I | MS SQL Server 2016 Instance Se... | Set Status |
| V-214242 | The Apache web server must provide install options... | CAT I | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214273 | The Apache web server software must be a vendor-su... | CAT I | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214321 | The Apache web server must provide install options... | CAT I | Apache Server 2.4 Windows Serv... | Set Status |
| V-214322 | Apache web server application directories, librar... | CAT I | Apache Server 2.4 Windows Serv... | Set Status |
| V-215204 | IF LDAP is used, AIX LDAP client must use SSL to a... | CAT I | IBM AIX 7.x Security Technical... | Set Status |
| V-216076 | X displays must not be exported to the world. | CAT I | Solaris 11 X86 Security Techni... | Set Status |
| V-216311 | X displays must not be exported to the world. | CAT I | Solaris 11 SPARC Security Tech... | Set Status |
| V-218795 | All IIS 10.0 web server sample code, example appli... | CAT I | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-220341 | MarkLogic Server must enforce approved authorizati... | CAT I | MarkLogic Server v9 Security T... | Set Status |
| V-220372 | MarkLogic Server must protect the confidentiality ... | CAT I | MarkLogic Server v9 Security T... | Set Status |
| V-220387 | MarkLogic Server must implement cryptographic mech... | CAT I | MarkLogic Server v9 Security T... | Set Status |
| V-220388 | MarkLogic Server must implement cryptographic mech... | CAT I | MarkLogic Server v9 Security T... | Set Status |
| V-222425 | The application must enforce approved authorizatio... | CAT I | Application Security and Devel... | Set Status |
| V-222430 | The application must execute without excessive acc... | CAT I | Application Security and Devel... | Set Status |
| V-222522 | The application must uniquely identify and authent... | CAT I | Application Security and Devel... | Set Status |
| V-222536 | The application must enforce a minimum 15-characte... | CAT I | Application Security and Devel... | Set Status |
| V-222542 | The application must only store cryptographic repr... | CAT I | Application Security and Devel... | Set Status |
| V-222543 | The application must transmit only cryptographical... | CAT I | Application Security and Devel... | Set Status |
| V-222550 | The application, when utilizing PKI-based authenti... | CAT I | Application Security and Devel... | Set Status |
| V-222551 | The application, when using PKI-based authenticati... | CAT I | Application Security and Devel... | Set Status |
| V-222555 | The application must use mechanisms meeting the re... | CAT I | Application Security and Devel... | Set Status |
| V-222577 | The application must not expose session IDs. | CAT I | Application Security and Devel... | Set Status |
| V-222578 | The application must destroy the session ID value ... | CAT I | Application Security and Devel... | Set Status |
| V-222585 | The application must fail to a secure state if sys... | CAT I | Application Security and Devel... | Set Status |
| V-222588 | The application must implement approved cryptograp... | CAT I | Application Security and Devel... | Set Status |
| V-222589 | The application must use appropriate cryptography ... | CAT I | Application Security and Devel... | Set Status |
| V-222596 | The application must protect the confidentiality a... | CAT I | Application Security and Devel... | Set Status |
| V-222601 | The application must not store sensitive informati... | CAT I | Application Security and Devel... | Set Status |
| V-222602 | The application must protect from Cross-Site Scrip... | CAT I | Application Security and Devel... | Set Status |
| V-222604 | The application must protect from command injectio... | CAT I | Application Security and Devel... | Set Status |
| V-222607 | The application must not be vulnerable to SQL Inje... | CAT I | Application Security and Devel... | Set Status |
| V-222608 | The application must not be vulnerable to XML-orie... | CAT I | Application Security and Devel... | Set Status |
| V-222609 | The application must not be subject to input handl... | CAT I | Application Security and Devel... | Set Status |
| V-222612 | The application must not be vulnerable to overflow... | CAT I | Application Security and Devel... | Set Status |
| V-222620 | Application web servers must be on a separate netw... | CAT I | Application Security and Devel... | Set Status |
| V-222642 | The application must not contain embedded authenti... | CAT I | Application Security and Devel... | Set Status |
| V-222643 | The application must have the capability to mark s... | CAT I | Application Security and Devel... | Set Status |
| V-222658 | All products must be supported by the vendor or th... | CAT I | Application Security and Devel... | Set Status |
| V-223439 | IBM z/OS must protect dynamic lists in accordance ... | CAT I | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223442 | CA-ACF2 must limit all system PROCLIB data sets to... | CAT I | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223668 | IBM z/OS must protect dynamic lists in accordance ... | CAT I | IBM z/OS RACF Security Technic... | Set Status |
| V-223687 | IBM RACF must limit all system PROCLIB data sets t... | CAT I | IBM z/OS RACF Security Technic... | Set Status |
| V-223915 | CA-TSS must limit all system PROCLIB data sets to ... | CAT I | IBM z/OS TSS Security Technica... | Set Status |
| V-223917 | IBM z/OS must protect dynamic lists in accordance ... | CAT I | IBM z/OS TSS Security Technica... | Set Status |
| V-223967 | The CA-TSS BYPASS attribute must be limited to tru... | CAT I | IBM z/OS TSS Security Technica... | Set Status |
| V-223969 | CA-TSS ACIDs granted the CONSOLE attribute must be... | CAT I | IBM z/OS TSS Security Technica... | Set Status |
| V-224993 | PKI certificates associated with user accounts mus... | CAT I | Microsoft Windows Server 2016 ... | Set Status |
| V-225071 | The Act as part of the operating system user right... | CAT I | Microsoft Windows Server 2016 ... | Set Status |
| V-225079 | The Debug programs user right must only be assigne... | CAT I | Microsoft Windows Server 2016 ... | Set Status |
| V-225091 | The Create a token object user right must not be a... | CAT I | Microsoft Windows Server 2016 ... | Set Status |
| V-228658 | The Palo Alto Networks security platform must term... | CAT I | Palo Alto Networks NDM Securit... | Set Status |
| V-228670 | The Palo Alto Networks security platform must not ... | CAT I | Palo Alto Networks NDM Securit... | Set Status |
| V-230971 | Forescout must only allow authorized administrator... | CAT I | Forescout Network Device Manag... | Set Status |
| V-233096 | For accounts using password authentication, the co... | CAT I | Container Platform Security Re... | Set Status |
| V-233220 | The container platform keystore must implement enc... | CAT I | Container Platform Security Re... | Set Status |
| V-233314 | Forescout must be configured so that all client ma... | CAT I | Forescout Network Access Contr... | Set Status |
| V-233515 | PostgreSQL must integrate with an organization-lev... | CAT I | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233520 | PostgreSQL must enforce approved authorizations fo... | CAT I | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233583 | PostgreSQL must implement NIST FIPS 140-2 or 140-3... | CAT I | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233585 | PostgreSQL must implement NIST FIPS 140-2 or 140-3... | CAT I | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233586 | PostgreSQL must protect the confidentiality and in... | CAT I | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233614 | PostgreSQL must prevent non-privileged users from ... | CAT I | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233619 | PostgreSQL must use NIST FIPS 140-2 or 140-3 valid... | CAT I | Crunchy Data PostgreSQL Securi... | Set Status |
| V-234831 | All SUSE operating system persistent disk partitio... | CAT I | SUSE Linux Enterprise Server 1... | Set Status |
| V-235095 | MySQL Database Server 8.0 must integrate with an o... | CAT I | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235141 | The MySQL Database Server 8.0 must enforce approve... | CAT I | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235192 | The MySQL Database Server 8.0 must implement crypt... | CAT I | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235193 | The MySQL Database Server 8.0 must implement crypt... | CAT I | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-239864 | The Cisco ASA must be configured to implement scan... | CAT I | Cisco ASA Firewall Security Te... | Set Status |
| V-243454 | A Windows PAW used to manage domain controllers an... | CAT I | Microsoft Windows PAW Security... | Set Status |
| V-243482 | Interconnections between DoD directory services of... | CAT I | Active Directory Domain Securi... | Set Status |
| V-243483 | A controlled interface must have interconnections ... | CAT I | Active Directory Domain Securi... | Set Status |
| V-245735 | Protected Distribution System (PDS) Construction -... | CAT I | Traditional Security Checklist | Set Status |
| V-245759 | Foreign National (FN) Systems Access - Local Natio... | CAT I | Traditional Security Checklist | Set Status |
| V-245763 | Foreign National System Access - FN or Immigrant A... | CAT I | Traditional Security Checklist | Set Status |
| V-245764 | Foreign National (FN) System Access - FN or Immigr... | CAT I | Traditional Security Checklist | Set Status |
| V-245765 | Foreign National (FN) Physical Access Control - Ar... | CAT I | Traditional Security Checklist | Set Status |
| V-245767 | Foreign National (FN) Administrative Controls - Pr... | CAT I | Traditional Security Checklist | Set Status |
| V-245788 | Information Assurance - Network Connections - Phys... | CAT I | Traditional Security Checklist | Set Status |
| V-245800 | Information Security (INFOSEC) - Vault Storage/Con... | CAT I | Traditional Security Checklist | Set Status |
| V-245829 | Classified Monitors/Displays (Physical Control of ... | CAT I | Traditional Security Checklist | Set Status |
| V-245830 | Monitor Screens - Disable Access by CAC or Token R... | CAT I | Traditional Security Checklist | Set Status |
| V-250335 | Multifactor authentication for network access to p... | CAT I | IBM WebSphere Liberty Server S... | Set Status |
| V-251040 | SQL Server must use NSA-approved cryptography to p... | CAT I | MS SQL Server 2016 Database Se... | Set Status |
| V-251184 | Redis Enterprise DBMS must integrate with an organ... | CAT I | Redis Enterprise 6.x Security ... | Set Status |
| V-251185 | Redis Enterprise DBMS must enforce approved author... | CAT I | Redis Enterprise 6.x Security ... | Set Status |
| V-251226 | Redis Enterprise DBMS must enforce authorized acce... | CAT I | Redis Enterprise 6.x Security ... | Set Status |
| V-251228 | Redis Enterprise DBMS must obscure feedback of aut... | CAT I | Redis Enterprise 6.x Security ... | Set Status |
| V-251236 | Access to the Redis Enterprise control plane must ... | CAT I | Redis Enterprise 6.x Security ... | Set Status |
| V-251242 | Redis Enterprise DBMS must protect the confidentia... | CAT I | Redis Enterprise 6.x Security ... | Set Status |
| V-251243 | Redis Enterprise DBMS must implement cryptographic... | CAT I | Redis Enterprise 6.x Security ... | Set Status |
| V-251244 | Redis Enterprise DBMS must implement cryptographic... | CAT I | Redis Enterprise 6.x Security ... | Set Status |
| V-251794 | The NSX-T Manager must be running a release that i... | CAT I | VMware NSX-T Manager NDM Secur... | Set Status |
| V-252200 | The HPE Nimble must be running an operating system... | CAT I | HPE Nimble Storage Array NDM S... | Set Status |
| V-253512 | DocAve must use TLS 1.2, at a minimum, to protect ... | CAT I | AvePoint DocAve 6 Security Tec... | Set Status |
| V-253667 | MariaDB must integrate with an organization-level ... | CAT I | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253668 | MariaDB must enforce approved authorizations for l... | CAT I | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253703 | MariaDB must use NIST FIPS 140-2/140-3 validated c... | CAT I | MariaDB Enterprise 10.x Securi... | Set Status |
| V-254414 | Windows Server 2022 PKI certificates associated wi... | CAT I | Microsoft Windows Server 2022 ... | Set Status |
| V-254441 | Windows Server 2022 must be running Credential Gua... | CAT I | Microsoft Windows Server 2022 ... | Set Status |
| V-254492 | Windows Server 2022 Act as part of the operating s... | CAT I | Microsoft Windows Server 2022 ... | Set Status |
| V-254496 | Windows Server 2022 create a token object user rig... | CAT I | Microsoft Windows Server 2022 ... | Set Status |
| V-254500 | Windows Server 2022 debug programs user right must... | CAT I | Microsoft Windows Server 2022 ... | Set Status |
| V-254553 | Rancher RKE2 must protect authenticity of communic... | CAT I | Rancher Government Solutions R... | Set Status |
| V-255301 | Azure SQL Databases must integrate with Azure Acti... | CAT I | Microsoft Azure SQL Database S... | Set Status |
| V-255302 | Azure SQL Database must enforce approved authoriza... | CAT I | Microsoft Azure SQL Database S... | Set Status |
| V-255303 | Azure SQL Database must enforce approved authoriza... | CAT I | Microsoft Azure SQL Database S... | Set Status |
| V-255321 | Azure SQL Database must implement cryptographic me... | CAT I | Microsoft Azure SQL Database S... | Set Status |
| V-255322 | Azure SQL Database must implement cryptographic me... | CAT I | Microsoft Azure SQL Database S... | Set Status |
| V-255827 | The WebSphere Application Server bus security must... | CAT I | IBM WebSphere Traditional V9.x... | Set Status |
| V-255870 | The WebSphere Application Server application secur... | CAT I | IBM WebSphere Traditional V9.x... | Set Status |
| V-255873 | The WebSphere Application Server default keystore ... | CAT I | IBM WebSphere Traditional V9.x... | Set Status |
| V-256841 | Compliance Guardian must use TLS 1.2, at a minimum... | CAT I | AvePoint Compliance Guardian S... | Set Status |
| V-256890 | Connection to the Internet for IBM remote support ... | CAT I | IBM Hardware Management Consol... | Set Status |
| V-257513 | OpenShift role-based access controls (RBAC) must b... | CAT I | Red Hat OpenShift Container Pl... | Set Status |
| V-259867 | For Infrastructure as a Service (IaaS)/Platform as... | CAT I | Cloud Computing Mission Owner ... | Set Status |
| V-259872 | The Mission Owner must configure the customer serv... | CAT I | Cloud Computing Mission Owner ... | Set Status |
| V-259885 | The Mission Owner must select and configure an Imp... | CAT I | Cloud Computing Mission Owner ... | Set Status |
| V-259886 | The Mission Owner must select and configure an Imp... | CAT I | Cloud Computing Mission Owner ... | Set Status |
| V-259887 | The Mission Owners must select and configure a clo... | CAT I | Cloud Computing Mission Owner ... | Set Status |
| V-260650 | Ubuntu 22.04 LTS must implement NIST FIPS-validate... | CAT I | Canonical Ubuntu 22.04 LTS Sec... | Set Status |
| V-261858 | PostgreSQL must integrate with an organization-lev... | CAT I | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261859 | PostgreSQL must enforce approved authorizations fo... | CAT I | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261896 | PostgreSQL must use NIST FIPS 140-2/140-3 validate... | CAT I | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261901 | PostgreSQL must protect the confidentiality and in... | CAT I | Crunchy Data Postgres 16 Secur... | Set Status |
| V-265292 | The NSX Manager must assign users/accounts to orga... | CAT I | VMware NSX 4.x Manager NDM Sec... | Set Status |
| V-265296 | The NSX Manager must be configured to integrate wi... | CAT I | VMware NSX 4.x Manager NDM Sec... | Set Status |
| V-265352 | The NSX Manager must be running a release that is ... | CAT I | VMware NSX 4.x Manager NDM Sec... | Set Status |
| V-265870 | Microsoft SQL Server products must be a version su... | CAT I | MS SQL Server 2016 Instance Se... | Set Status |
| V-265874 | MarkLogic Server must be a version supported by th... | CAT I | MarkLogic Server v9 Security T... | Set Status |
| V-265880 | Redis Enterprise products must be a version suppor... | CAT I | Redis Enterprise 6.x Security ... | Set Status |
| V-265905 | MongoDB must integrate with an organization-level ... | CAT I | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265906 | MongoDB must enforce approved authorizations for l... | CAT I | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265921 | MongoDB must obscure feedback of authentication in... | CAT I | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265922 | MongoDB must use NIST FIPS 140-2 or 140-3 validate... | CAT I | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265926 | MongoDB must protect the confidentiality and integ... | CAT I | MongoDB Enterprise Advanced 7.... | Set Status |
| V-266084 | The F5 BIG-IP appliance must be configured to proh... | CAT I | F5 BIG-IP TMOS NDM Security Te... | Set Status |
| V-266150 | The F5 BIG-IP appliance must be configured to proh... | CAT I | F5 BIG-IP TMOS ALG Security Te... | Set Status |
| V-266255 | The F5 BIG-IP appliance must be configured to use ... | CAT I | F5 BIG-IP TMOS Firewall Securi... | Set Status |
| V-269099 | Windows Server running Active Directory Certificat... | CAT I | Active Directory Forest Securi... | Set Status |
| V-269788 | The Dell OS10 Switch must use FIPS 140-2 approved ... | CAT I | Dell OS10 Switch NDM Security ... | Set Status |
| V-269796 | The Dell OS10 Switch must use FIPS-validated Keyed... | CAT I | Dell OS10 Switch NDM Security ... | Set Status |
| V-269797 | The Dell OS10 Switch must be configured to impleme... | CAT I | Dell OS10 Switch NDM Security ... | Set Status |
| V-270499 | Oracle Database must integrate with an organizatio... | CAT I | Oracle Database 19c Security T... | Set Status |
| V-270513 | Oracle Database products must be a version support... | CAT I | Oracle Database 19c Security T... | Set Status |
| V-270531 | The Oracle Listener must be configured to require ... | CAT I | Oracle Database 19c Security T... | Set Status |
| V-270544 | Database administrator (DBA) OS accounts must be g... | CAT I | Oracle Database 19c Security T... | Set Status |
| V-270564 | Oracle Database must, for password-based authentic... | CAT I | Oracle Database 19c Security T... | Set Status |
| V-270568 | When using command-line tools such as Oracle SQL*P... | CAT I | Oracle Database 19c Security T... | Set Status |
| V-270569 | Oracle Database must use NIST-validated FIPS 140-2... | CAT I | Oracle Database 19c Security T... | Set Status |
| V-270574 | Oracle Database must take steps to protect data at... | CAT I | Oracle Database 19c Security T... | Set Status |
| V-270744 | Ubuntu 24.04 LTS must implement NIST FIPS-validate... | CAT I | Canonical Ubuntu 24.04 LTS Sec... | Set Status |
| V-271118 | SQL Server must integrate with an organization-lev... | CAT I | Microsoft SQL Server 2022 Data... | Set Status |
| V-271119 | SQL Server must enforce approved authorizations fo... | CAT I | Microsoft SQL Server 2022 Data... | Set Status |
| V-271199 | SQL Server must use NSA-approved cryptography to p... | CAT I | Microsoft SQL Server 2022 Data... | Set Status |
| V-271201 | SQL Server must implement cryptographic mechanisms... | CAT I | Microsoft SQL Server 2022 Data... | Set Status |
| V-271264 | SQL Server must be configured to use the most-secu... | CAT I | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271265 | SQL Server must integrate with an organization-lev... | CAT I | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271266 | SQL Server must enforce approved authorizations fo... | CAT I | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271286 | SQL Server software installation account must be r... | CAT I | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271306 | Contained databases must use Windows principals. | CAT I | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271310 | Confidentiality of information during transmission... | CAT I | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271313 | When using command-line tools such as SQLCMD in a ... | CAT I | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271324 | SQL Server must protect the confidentiality and in... | CAT I | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271365 | Microsoft SQL Server products must be a version su... | CAT I | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271927 | The Cisco ACI must be configured to assign appropr... | CAT I | Cisco ACI NDM Security Technic... | Set Status |
| V-274710 | The API must use TLS version 1.2 at a minimum. | CAT I | Application Programming Interf... | Set Status |
| V-275735 | Ubuntu OS must implement NIST FIPS-validated crypt... | CAT I | Riverbed NetIM OS Security Tec... | Set Status |
| V-276225 | Azure SQL Managed Instances must integrate with Mi... | CAT I | Microsoft Azure SQL Managed In... | Set Status |
| V-276226 | Azure SQL Managed Instance must enforce approved a... | CAT I | Microsoft Azure SQL Managed In... | Set Status |
| V-276293 | Azure SQL Managed Instance must enforce approved a... | CAT I | Microsoft Azure SQL Managed In... | Set Status |
| V-276323 | When using command-line tools with Azure SQL Serve... | CAT I | Microsoft Azure SQL Managed In... | Set Status |
| V-277185 | The macOS system must install security-relevant so... | CAT I | Apple macOS 26 (Tahoe) Securit... | Set Status |
| V-278161 | Windows Server 2025 PKI certificates associated wi... | CAT I | Microsoft Windows Server 2025 ... | Set Status |
| V-278190 | Windows Server 2025 must be running Credential Gua... | CAT I | Microsoft Windows Server 2025 ... | Set Status |
| V-278242 | The Windows Server 2025 "Act as part of the operat... | CAT I | Microsoft Windows Server 2025 ... | Set Status |
| V-278246 | The Windows Server 2025 "Create a token object" us... | CAT I | Microsoft Windows Server 2025 ... | Set Status |
| V-278250 | The Windows Server 2025 "Debug programs" user righ... | CAT I | Microsoft Windows Server 2025 ... | Set Status |
| V-279332 | MongoDB must integrate with an organization-level ... | CAT I | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279333 | MongoDB must enforce approved authorizations for l... | CAT I | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279353 | MongoDB must obscure feedback of authentication in... | CAT I | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279354 | MongoDB must use NIST FIPS 140-2/140-3 validated c... | CAT I | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279361 | MongoDB must protect the confidentiality and integ... | CAT I | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279387 | MongoDB must implement cryptographic mechanisms to... | CAT I | MongoDB Enterprise Advanced 8.... | Set Status |
| xccdf_mil.disa.stig_group_V-218795 | All IIS 10.0 web server sample code, example appli... | CAT I | Microsoft IIS 10.0 Server Secu... | Set Status |
| xccdf_mil.disa.stig_group_V-254414 | Windows Server 2022 PKI certificates associated wi... | CAT I | Microsoft Windows Server 2022 ... | Set Status |
| xccdf_mil.disa.stig_group_V-254441 | Windows Server 2022 must be running Credential Gua... | CAT I | Microsoft Windows Server 2022 ... | Set Status |
| V-202077 | The network device must generate unique session id... | CAT II | Network Device Management Secu... | Set Status |
| V-202137 | The network device must support organizational req... | CAT II | Network Device Management Secu... | Set Status |
| V-204708 | The application server must limit the number of co... | CAT II | Application Server Security Re... | Set Status |
| V-204710 | The application server must implement cryptography... | CAT II | Application Server Security Re... | Set Status |
| V-204711 | The application server must ensure remote sessions... | CAT II | Application Server Security Re... | Set Status |
| V-204712 | The application server must enforce approved autho... | CAT II | Application Server Security Re... | Set Status |
| V-204714 | The application server management interface must r... | CAT II | Application Server Security Re... | Set Status |
| V-204715 | The application server must protect against an ind... | CAT II | Application Server Security Re... | Set Status |
| V-204717 | The application server must generate log records f... | CAT II | Application Server Security Re... | Set Status |
| V-204718 | The application server must allow only the ISSM (o... | CAT II | Application Server Security Re... | Set Status |
| V-204719 | The application server must generate log records w... | CAT II | Application Server Security Re... | Set Status |
| V-204720 | The application server must initiate session loggi... | CAT II | Application Server Security Re... | Set Status |
| V-204724 | The application server must produce log records co... | CAT II | Application Server Security Re... | Set Status |
| V-204725 | The application server must produce log records th... | CAT II | Application Server Security Re... | Set Status |
| V-204726 | The application server must generate log records c... | CAT II | Application Server Security Re... | Set Status |
| V-204727 | The application server must generate log records c... | CAT II | Application Server Security Re... | Set Status |
| V-204735 | The application server must protect log tools from... | CAT II | Application Server Security Re... | Set Status |
| V-204736 | The application server must protect log tools from... | CAT II | Application Server Security Re... | Set Status |
| V-204737 | The application server must protect log tools from... | CAT II | Application Server Security Re... | Set Status |
| V-204739 | The application server must use cryptographic mech... | CAT II | Application Server Security Re... | Set Status |
| V-204740 | The application server must prevent the installati... | CAT II | Application Server Security Re... | Set Status |
| V-204741 | The application server must limit privileges to ch... | CAT II | Application Server Security Re... | Set Status |
| V-204742 | The application server must be capable of revertin... | CAT II | Application Server Security Re... | Set Status |
| V-204743 | The application server must adhere to the principl... | CAT II | Application Server Security Re... | Set Status |
| V-204744 | The application server must prohibit or restrict t... | CAT II | Application Server Security Re... | Set Status |
| V-204745 | The application server must use an approved DOD en... | CAT II | Application Server Security Re... | Set Status |
| V-204748 | The application server must authenticate users ind... | CAT II | Application Server Security Re... | Set Status |
| V-204749 | The application server must provide security exten... | CAT II | Application Server Security Re... | Set Status |
| V-204750 | The application server must disable identifiers (i... | CAT II | Application Server Security Re... | Set Status |
| V-204751 | The application server must for password-based aut... | CAT II | Application Server Security Re... | Set Status |
| V-204752 | The application server must transmit only encrypte... | CAT II | Application Server Security Re... | Set Status |
| V-204753 | The application server must utilize encryption whe... | CAT II | Application Server Security Re... | Set Status |
| V-204754 | The application server must perform RFC 5280-compl... | CAT II | Application Server Security Re... | Set Status |
| V-204755 | Only authenticated system administrators or the de... | CAT II | Application Server Security Re... | Set Status |
| V-204756 | The application server must map the authenticated ... | CAT II | Application Server Security Re... | Set Status |
| V-204757 | The application server must obscure feedback of au... | CAT II | Application Server Security Re... | Set Status |
| V-204759 | The application server must provide a log reductio... | CAT II | Application Server Security Re... | Set Status |
| V-204761 | The application server must separate hosted applic... | CAT II | Application Server Security Re... | Set Status |
| V-204762 | The application server must be configured to mutua... | CAT II | Application Server Security Re... | Set Status |
| V-204767 | The application server must be configured to perfo... | CAT II | Application Server Security Re... | Set Status |
| V-204768 | The application server must provide a clustering c... | CAT II | Application Server Security Re... | Set Status |
| V-204769 | The application server must fail to a secure state... | CAT II | Application Server Security Re... | Set Status |
| V-204770 | The application server must protect the confidenti... | CAT II | Application Server Security Re... | Set Status |
| V-204774 | The application server must only generate error me... | CAT II | Application Server Security Re... | Set Status |
| V-204775 | The application server must restrict error message... | CAT II | Application Server Security Re... | Set Status |
| V-204777 | The application server must automatically terminat... | CAT II | Application Server Security Re... | Set Status |
| V-204778 | The application server management interface must p... | CAT II | Application Server Security Re... | Set Status |
| V-204779 | The application server management interface must d... | CAT II | Application Server Security Re... | Set Status |
| V-204780 | The application server must associate organization... | CAT II | Application Server Security Re... | Set Status |
| V-204781 | The application server must associate organization... | CAT II | Application Server Security Re... | Set Status |
| V-204782 | The application server must control remote access ... | CAT II | Application Server Security Re... | Set Status |
| V-204783 | The application server must provide the capability... | CAT II | Application Server Security Re... | Set Status |
| V-204784 | The application server must prevent non-privileged... | CAT II | Application Server Security Re... | Set Status |
| V-204785 | The application server must provide access logging... | CAT II | Application Server Security Re... | Set Status |
| V-204788 | The application server must allocate log record st... | CAT II | Application Server Security Re... | Set Status |
| V-204792 | The application server must compare internal appli... | CAT II | Application Server Security Re... | Set Status |
| V-204793 | The application server must synchronize internal a... | CAT II | Application Server Security Re... | Set Status |
| V-204794 | The application server must record time stamps for... | CAT II | Application Server Security Re... | Set Status |
| V-204795 | The application server must record time stamps for... | CAT II | Application Server Security Re... | Set Status |
| V-204796 | The application server must enforce access restric... | CAT II | Application Server Security Re... | Set Status |
| V-204797 | The application server must log the enforcement ac... | CAT II | Application Server Security Re... | Set Status |
| V-204798 | The application server must require users to reaut... | CAT II | Application Server Security Re... | Set Status |
| V-204804 | The application server must prohibit the use of ca... | CAT II | Application Server Security Re... | Set Status |
| V-204805 | The application server, for PKI-based authenticati... | CAT II | Application Server Security Re... | Set Status |
| V-204806 | The application server must accept Personal Identi... | CAT II | Application Server Security Re... | Set Status |
| V-204807 | The application server must electronically verify ... | CAT II | Application Server Security Re... | Set Status |
| V-204808 | The application server must accept Federal Identit... | CAT II | Application Server Security Re... | Set Status |
| V-204809 | The application server must conform to Federal Ide... | CAT II | Application Server Security Re... | Set Status |
| V-204811 | The application server must only allow the use of ... | CAT II | Application Server Security Re... | Set Status |
| V-204814 | The application server, when a MAC I system, must ... | CAT II | Application Server Security Re... | Set Status |
| V-204815 | The application server must protect against or lim... | CAT II | Application Server Security Re... | Set Status |
| V-204818 | The application server must employ approved crypto... | CAT II | Application Server Security Re... | Set Status |
| V-204819 | The application server must maintain the confident... | CAT II | Application Server Security Re... | Set Status |
| V-204822 | The application server must remove organization-de... | CAT II | Application Server Security Re... | Set Status |
| V-204823 | The application server must install security-relev... | CAT II | Application Server Security Re... | Set Status |
| V-204824 | The application server must generate log records w... | CAT II | Application Server Security Re... | Set Status |
| V-204825 | The application server must generate log records w... | CAT II | Application Server Security Re... | Set Status |
| V-204826 | The application server must generate log records w... | CAT II | Application Server Security Re... | Set Status |
| V-204827 | The application server must generate log records f... | CAT II | Application Server Security Re... | Set Status |
| V-204828 | The application must generate log records showing ... | CAT II | Application Server Security Re... | Set Status |
| V-204829 | The application server must generate log records w... | CAT II | Application Server Security Re... | Set Status |
| V-204830 | The application server must generate log records f... | CAT II | Application Server Security Re... | Set Status |
| V-204834 | The application server must be configured in accor... | CAT II | Application Server Security Re... | Set Status |
| V-204944 | The ALG must be configured to prohibit or restrict... | CAT II | Application Layer Gateway Secu... | Set Status |
| V-205459 | The Mainframe Product must provide audit record ge... | CAT II | Mainframe Product Security Req... | Set Status |
| V-205487 | The Mainframe Product must be configured to disabl... | CAT II | Mainframe Product Security Req... | Set Status |
| V-205524 | The Mainframe Product must generate error messages... | CAT II | Mainframe Product Security Req... | Set Status |
| V-205525 | The Mainframe Product must reveal full-text detail... | CAT II | Mainframe Product Security Req... | Set Status |
| V-205543 | The Mainframe Product must enforce organization-de... | CAT II | Mainframe Product Security Req... | Set Status |
| V-205591 | The Mainframe Product performing organization-defi... | CAT II | Mainframe Product Security Req... | Set Status |
| V-205592 | The Mainframe Product must perform verification of... | CAT II | Mainframe Product Security Req... | Set Status |
| V-205622 | The Mainframe Product must be configured in accord... | CAT II | Mainframe Product Security Req... | Set Status |
| V-205643 | Windows Server 2019 Manage auditing and security l... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205648 | Windows Server 2019 must have the DoD Root Certifi... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205665 | Windows Server 2019 Access this computer from the ... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205671 | Windows Server 2019 "Access this computer from the... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205676 | Windows Server 2019 Allow log on locally user righ... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205699 | Windows Server 2019 shared user accounts must not ... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205747 | Windows Server 2019 must restrict remote calls to ... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205751 | Windows Server 2019 Back up files and directories ... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205754 | Windows Server 2019 Create global objects user rig... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205759 | Windows Server 2019 Generate security audits user ... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205760 | Windows Server 2019 Impersonate a client after aut... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205761 | Windows Server 2019 Increase scheduling priority: ... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205763 | Windows Server 2019 Lock pages in memory user righ... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205767 | Windows Server 2019 Restore files and directories ... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205768 | Windows Server 2019 Take ownership of files or oth... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-205818 | Windows Server 2019 must use separate, NSA-approve... | CAT II | Microsoft Windows Server 2019 ... | Set Status |
| V-206350 | The web server must limit the number of allowed si... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206351 | The web server must perform server-side session ma... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206352 | The web server must use encryption strength in acc... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206353 | The web server must use cryptography to protect th... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206354 | The web server must generate information to be use... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206356 | The web server must generate, at a minimum, log re... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206357 | The web server must initiate session logging upon ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206359 | The web server must produce log records containing... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206360 | The web server must produce log records containing... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206361 | The web server must produce log records containing... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206362 | The web server must produce log records containing... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206363 | A web server, behind a load balancer or proxy serv... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206364 | The web server must produce log records that conta... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206365 | The web server must produce log records containing... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206366 | The web server must use a logging mechanism that i... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206367 | The web server must use the internal system clock ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206368 | Web server log files must only be accessible by pr... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206369 | The log information from the web server must be pr... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206370 | The log information from the web server must be pr... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206371 | The log data and records from the web server must ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206372 | All web server files must be verified for their in... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206373 | Expansion modules must be fully reviewed, tested, ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206374 | The web server must not perform user management fo... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206375 | The web server must only contain services and func... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206376 | The web server must not be a proxy server. | CAT II | Web Server Security Requiremen... | Set Status |
| V-206377 | The web server must provide install options to exc... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206378 | Web server accounts not utilized by installed feat... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206379 | The web server must provide install options to exc... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206380 | The web server must have Multipurpose Internet Mai... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206381 | The web server must allow the mappings to unused a... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206382 | The web server must have resource mappings set to ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206383 | The web server must have Web Distributed Authoring... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206384 | The web server must protect system resources and p... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206385 | Users and scripts running on behalf of users must ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206386 | The web server must be configured to use a specifi... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206387 | The web server must encrypt passwords during trans... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206388 | The web server must perform RFC 5280-compliant cer... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206389 | Only authenticated system administrators or the de... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206391 | The web server must use cryptographic modules that... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206392 | A web server utilizing mobile code must meet DoD-d... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206393 | Web server accounts accessing the directory tree, ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206394 | Anonymous user access to the web server applicatio... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206395 | The web server must separate the hosted applicatio... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206396 | The web server must invalidate session identifiers... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206397 | Cookies exchanged between the web server and clien... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206398 | The web server must accept only system-generated s... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206400 | The web server must generate unique session identi... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206401 | The web server must generate a session ID long eno... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206402 | The web server must generate a session ID using as... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206403 | The web server must generate unique session identi... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206404 | The web server must augment re-creation to a stabl... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206405 | The web server must be built to fail to a known sa... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206406 | The web server must provide a clustering capabilit... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206407 | Information at rest must be encrypted using a DOD-... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206408 | The web server document directory must be in a sep... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206409 | The web server must restrict the ability of users ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206410 | The web server must limit the character set used f... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206411 | The web server must display a default hosted appli... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206412 | Warning and error messages displayed to clients mu... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206413 | Debugging and trace information used to diagnose t... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206415 | The web server must set an inactive timeout for se... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206416 | Remote access to the web server must follow access... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206418 | The web server must provide the capability to imme... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206419 | Non-privileged accounts on the hosting system must... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206421 | The web server must use a logging mechanism that i... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206422 | The web server must not impede the ability to writ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206423 | The web server must be configurable to integrate w... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206424 | The web server must use a logging mechanism that i... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206425 | The web server must generate log records that can ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206426 | The web server must record time stamps for log rec... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206427 | The web server application, libraries, and configu... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206428 | The web server must prohibit or restrict the use o... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206432 | The web server must be protected from being stoppe... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206433 | The web server must be tuned to handle the operati... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206435 | Web server session IDs must be sent to the client ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206436 | Web server cookies, such as session cookies, sent ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206437 | Cookies exchanged between the web server and the c... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206438 | Cookies exchanged between the web server and the c... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206439 | A web server must maintain the confidentiality of ... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206440 | The web server must remove all export ciphers to p... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206441 | The web server must maintain the confidentiality a... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206444 | All accounts installed with the web server softwar... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206445 | The web server must be configured in accordance wi... | CAT II | Web Server Security Requiremen... | Set Status |
| V-206451 | Where multiple log servers are installed in the en... | CAT II | Central Log Server Security Re... | Set Status |
| V-206519 | The DBMS must limit the number of concurrent sessi... | CAT II | Database Security Requirements... | Set Status |
| V-206522 | The DBMS must protect against a user falsely repud... | CAT II | Database Security Requirements... | Set Status |
| V-206524 | The DBMS must allow only the ISSM (or individuals ... | CAT II | Database Security Requirements... | Set Status |
| V-206525 | The DBMS must be able to generate audit records wh... | CAT II | Database Security Requirements... | Set Status |
| V-206526 | The DBMS must be able to generate audit records wh... | CAT II | Database Security Requirements... | Set Status |
| V-206527 | The DBMS must initiate session auditing upon start... | CAT II | Database Security Requirements... | Set Status |
| V-206534 | The DBMS must include additional, more detailed, o... | CAT II | Database Security Requirements... | Set Status |
| V-206537 | The DBMS must use system clocks to generate time s... | CAT II | Database Security Requirements... | Set Status |
| V-206547 | Database objects (including but not limited to tab... | CAT II | Database Security Requirements... | Set Status |
| V-206549 | Default demonstration and sample databases, databa... | CAT II | Database Security Requirements... | Set Status |
| V-206550 | Unused database components, DBMS software, and dat... | CAT II | Database Security Requirements... | Set Status |
| V-206553 | The DBMS must be configured to prohibit or restric... | CAT II | Database Security Requirements... | Set Status |
| V-206564 | The DBMS must separate user functionality (includi... | CAT II | Database Security Requirements... | Set Status |
| V-206565 | The DBMS must invalidate session identifiers upon ... | CAT II | Database Security Requirements... | Set Status |
| V-206566 | The DBMS must recognize only system-generated sess... | CAT II | Database Security Requirements... | Set Status |
| V-206567 | The DBMS must maintain the authenticity of communi... | CAT II | Database Security Requirements... | Set Status |
| V-206568 | The DBMS must fail to a secure state if system ini... | CAT II | Database Security Requirements... | Set Status |
| V-206575 | The DBMS must check the validity of all data input... | CAT II | Database Security Requirements... | Set Status |
| V-206577 | The DBMS and associated applications, when making ... | CAT II | Database Security Requirements... | Set Status |
| V-206580 | The DBMS must automatically terminate a user sessi... | CAT II | Database Security Requirements... | Set Status |
| V-206581 | The DBMS must provide logout functionality to allo... | CAT II | Database Security Requirements... | Set Status |
| V-206585 | The DBMS must enforce discretionary access control... | CAT II | Database Security Requirements... | Set Status |
| V-206586 | The DBMS must prevent non-privileged users from ex... | CAT II | Database Security Requirements... | Set Status |
| V-206587 | Execution of software modules (to include stored p... | CAT II | Database Security Requirements... | Set Status |
| V-206595 | The DBMS must generate time stamps, for audit reco... | CAT II | Database Security Requirements... | Set Status |
| V-206597 | The DBMS must enforce access restrictions associat... | CAT II | Database Security Requirements... | Set Status |
| V-206598 | The DBMS must produce audit records of its enforce... | CAT II | Database Security Requirements... | Set Status |
| V-206600 | The DBMS must require users to reauthenticate when... | CAT II | Database Security Requirements... | Set Status |
| V-206609 | When invalid inputs are received, the DBMS must be... | CAT II | Database Security Requirements... | Set Status |
| V-206612 | The DBMS must be able to generate audit records wh... | CAT II | Database Security Requirements... | Set Status |
| V-206613 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206614 | The DBMS must generate audit records when categori... | CAT II | Database Security Requirements... | Set Status |
| V-206615 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206616 | The DBMS must generate audit records when privileg... | CAT II | Database Security Requirements... | Set Status |
| V-206617 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206618 | The DBMS must generate audit records when privileg... | CAT II | Database Security Requirements... | Set Status |
| V-206619 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206620 | The DBMS must generate audit records when security... | CAT II | Database Security Requirements... | Set Status |
| V-206621 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206622 | The DBMS must generate audit records when categori... | CAT II | Database Security Requirements... | Set Status |
| V-206623 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206624 | The DBMS must generate audit records when privileg... | CAT II | Database Security Requirements... | Set Status |
| V-206625 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206626 | The DBMS must generate audit records when security... | CAT II | Database Security Requirements... | Set Status |
| V-206627 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206628 | The DBMS must generate audit records when categori... | CAT II | Database Security Requirements... | Set Status |
| V-206629 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206632 | The DBMS must generate audit records for all privi... | CAT II | Database Security Requirements... | Set Status |
| V-206633 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206636 | The DBMS must be able to generate audit records wh... | CAT II | Database Security Requirements... | Set Status |
| V-206637 | The DBMS must generate audit records when unsucces... | CAT II | Database Security Requirements... | Set Status |
| V-206642 | The DBMS must off-load audit data to a separate lo... | CAT II | Database Security Requirements... | Set Status |
| V-206643 | The DBMS must be configured in accordance with the... | CAT II | Database Security Requirements... | Set Status |
| V-206650 | The layer 2 switch must be configured to fail secu... | CAT II | Layer 2 Switch Security Requir... | Set Status |
| V-206690 | The firewall must disable or remove unnecessary ne... | CAT II | Firewall Security Requirements... | Set Status |
| V-206698 | In the event of a system failure of the firewall f... | CAT II | Firewall Security Requirements... | Set Status |
| V-206703 | The firewall must apply ingress filters to traffic... | CAT II | Firewall Security Requirements... | Set Status |
| V-206704 | The firewall must apply egress filters to traffic ... | CAT II | Firewall Security Requirements... | Set Status |
| V-207171 | The router must be configured to fail securely in ... | CAT II | Router Security Requirements G... | Set Status |
| V-207185 | The Remote Access VPN Gateway and/or client must d... | CAT II | Virtual Private Network (VPN) ... | Set Status |
| V-207186 | The Remote Access VPN Gateway and/or client must e... | CAT II | Virtual Private Network (VPN) ... | Set Status |
| V-207690 | The Palo Alto Networks security platform must capt... | CAT II | Palo Alto Networks IDPS Securi... | Set Status |
| V-207698 | The Palo Alto Networks security platform must bloc... | CAT II | Palo Alto Networks IDPS Securi... | Set Status |
| V-213332 | The Trellix Application Control Options Advanced T... | CAT II | Trellix Application Control 8.... | Set Status |
| V-213337 | The Trellix Application Control Options policy End... | CAT II | Trellix Application Control 8.... | Set Status |
| V-213513 | File permissions must be configured to protect log... | CAT II | JBoss Enterprise Application P... | Set Status |
| V-213514 | File permissions must be configured to protect log... | CAT II | JBoss Enterprise Application P... | Set Status |
| V-213515 | File permissions must be configured to protect log... | CAT II | JBoss Enterprise Application P... | Set Status |
| V-213517 | mgmt-users.properties file permissions must be set... | CAT II | JBoss Enterprise Application P... | Set Status |
| V-213524 | Any unapproved applications must be removed. | CAT II | JBoss Enterprise Application P... | Set Status |
| V-213531 | JBoss KeyStore and Truststore passwords must not b... | CAT II | JBoss Enterprise Application P... | Set Status |
| V-213546 | The JBoss server, when hosting mission critical ap... | CAT II | JBoss Enterprise Application P... | Set Status |
| V-213556 | JBoss must be configured to generate log records w... | CAT II | JBoss Enterprise Application P... | Set Status |
| V-213670 | DB2 must limit the number of concurrent sessions t... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213695 | Unused database components, DBMS software, and dat... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213710 | DB2 must check the validity of all data inputs exc... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213712 | DB2 and associated applications, when making use o... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213729 | DB2 must implement cryptographic mechanisms to pre... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213730 | DB2 must implement and/or support cryptographic me... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213733 | When invalid inputs are received, DB2 must behave ... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213737 | DB2 must generate audit records when categorized i... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213738 | DB2 must generate audit records when unsuccessful ... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213745 | DB2 must generate audit records when categorized i... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213746 | DB2 must generate audit records when unsuccessful ... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213755 | DB2 must generate audit records for all privileged... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213756 | DB2 must generate audit records when unsuccessful ... | CAT II | IBM DB2 V10.5 LUW Security Tec... | Set Status |
| V-213904 | SQL Server must protect against a user falsely rep... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213905 | SQL Server must allow only the ISSM (or individual... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213906 | SQL Server must limit privileges to change softwar... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213907 | SQL Server must limit privileges to change softwar... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213908 | Database objects (including but not limited to tab... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213909 | The role(s)/group(s) used to modify database struc... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213911 | The Database Master Key encryption password must m... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213916 | SQL Server must check the validity of all data inp... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213922 | Execution of stored procedures and functions that ... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213923 | SQL Server must prohibit user installation of logi... | CAT II | MS SQL Server 2016 Database Se... | Set Status |
| V-213929 | SQL Server must limit the number of concurrent ses... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213931 | SQL Server must be configured to utilize the most-... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213933 | SQL Server must protect against a user falsely rep... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213936 | SQL Server must be configured to generate audit re... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213937 | SQL Server must allow only the ISSM (or individual... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213939 | SQL Server must generate audit records when attemp... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213941 | SQL Server must include additional, more detailed,... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213942 | SQL Server must by default shut down upon audit fa... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213943 | SQL Server must be configurable to overwrite audit... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213948 | SQL Server must protect its audit configuration fr... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213950 | SQL Server must limit privileges to change softwar... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213951 | SQL Server must limit privileges to change softwar... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213954 | Default demonstration and sample databases, databa... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213955 | Unused database components, DBMS software, and dat... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213956 | Unused database components that are integrated in ... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213957 | Access to xp_cmdshell must be disabled, unless spe... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213958 | Access to CLR code must be disabled or restricted,... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213959 | Access to Non-Standard extended stored procedures ... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213960 | Access to linked servers must be disabled or restr... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213962 | SQL Server must be configured to prohibit or restr... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213965 | Contained databases must use Windows principals. | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213970 | SQL Server must uniquely identify and authenticate... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213975 | SQL Server must prevent unauthorized and unintende... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213976 | SQL Server must prevent unauthorized and unintende... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213978 | SQL Server must reveal detailed error messages onl... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213979 | SQL Server must prevent non-privileged users from ... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213980 | Use of credentials and proxies must be restricted ... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213983 | SQL Server must allocate audit record storage capa... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213987 | SQL Server must enforce access restrictions associ... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213988 | Windows must enforce access restrictions associate... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213990 | SQL Server must disable network functions, ports, ... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213991 | SQL Server must maintain a separate execution doma... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213992 | SQL Server services must be configured to run unde... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213993 | When updates are applied to SQL Server software, a... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213995 | SQL Server must be able to generate audit records ... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-213998 | SQL Server must generate audit records when succes... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214006 | SQL Server must generate audit records when succes... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214012 | SQL Server must generate audit records when succes... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214015 | SQL Server must generate audit records for all pri... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214016 | SQL Server must generate audit records when unsucc... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214020 | SQL Server must generate audit records when succes... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214021 | SQL Server must generate audit records for all dir... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214024 | SQL Server must implement NIST FIPS 140-2 or 140-3... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214025 | The system SQL Server must off-load audit data to ... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214026 | SQL Server must configure Customer Feedback and Er... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214027 | SQL Server must configure SQL Server Usage and Err... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214030 | Execution of startup stored procedures must be res... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214033 | SQL Server execute permissions to access the regis... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214034 | Filestream must be disabled, unless specifically r... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214035 | Ole Automation Procedures feature must be disabled... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214036 | SQL Server User Options feature must be disabled, ... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214037 | Remote Access feature must be disabled, unless spe... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214038 | Hadoop Connectivity feature must be disabled, unle... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214039 | Allow Polybase Export feature must be disabled, un... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214040 | Remote Data Archive feature must be disabled, unle... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214041 | SQL Server External Scripts Enabled feature must b... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214043 | SQL Server Replication Xps feature must be disable... | CAT II | MS SQL Server 2016 Instance Se... | Set Status |
| V-214229 | The Apache web server must perform server-side ses... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214236 | The log information from the Apache web server mus... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214239 | The Apache web server must not perform user manage... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214240 | The Apache web server must only contain services a... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214247 | Apache web server accounts accessing the directory... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214249 | The Apache web server must separate the hosted app... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214251 | Cookies exchanged between the Apache web server an... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214252 | The Apache web server must generate a session ID l... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214254 | The Apache web server must be built to fail to a k... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214260 | The Apache web server must be configured to immedi... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214265 | The Apache web server must generate log records th... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214267 | The Apache web server must be protected from being... | CAT II | Apache Server 2.4 UNIX Server ... | Set Status |
| V-214277 | The Apache web server must perform server-side ses... | CAT II | Apache Server 2.4 UNIX Site Se... | Set Status |
| V-214280 | The Apache web server must not perform user manage... | CAT II | Apache Server 2.4 UNIX Site Se... | Set Status |
| V-214286 | The Apache web server must perform RFC 5280-compli... | CAT II | Apache Server 2.4 UNIX Site Se... | Set Status |
| V-214289 | The Apache web server must augment re-creation to ... | CAT II | Apache Server 2.4 UNIX Site Se... | Set Status |
| V-214307 | The Apache web server must perform server-side ses... | CAT II | Apache Server 2.4 Windows Serv... | Set Status |
| V-214318 | The Apache web server must not perform user manage... | CAT II | Apache Server 2.4 Windows Serv... | Set Status |
| V-214329 | Apache web server accounts accessing the directory... | CAT II | Apache Server 2.4 Windows Serv... | Set Status |
| V-214330 | The Apache web server must separate the hosted app... | CAT II | Apache Server 2.4 Windows Serv... | Set Status |
| V-214336 | The Apache web server must be built to fail to a k... | CAT II | Apache Server 2.4 Windows Serv... | Set Status |
| V-214344 | The Apache web server must be configured to immedi... | CAT II | Apache Server 2.4 Windows Serv... | Set Status |
| V-214351 | The Apache web server must generate log records th... | CAT II | Apache Server 2.4 Windows Serv... | Set Status |
| V-214353 | The Apache web server must be protected from being... | CAT II | Apache Server 2.4 Windows Serv... | Set Status |
| V-214365 | The Apache web server must not perform user manage... | CAT II | Apache Server 2.4 Windows Site... | Set Status |
| V-214372 | Apache web server accounts accessing the directory... | CAT II | Apache Server 2.4 Windows Site... | Set Status |
| V-214374 | The Apache web server must separate the hosted app... | CAT II | Apache Server 2.4 Windows Site... | Set Status |
| V-214380 | The Apache web server must augment re-creation to ... | CAT II | Apache Server 2.4 Windows Site... | Set Status |
| V-214390 | The Apache web server must prohibit or restrict th... | CAT II | Apache Server 2.4 Windows Site... | Set Status |
| V-214523 | The Juniper SRX Services Gateway Firewall must dis... | CAT II | Juniper SRX Services Gateway A... | Set Status |
| V-214534 | The Juniper SRX Services Gateway Firewall must be ... | CAT II | Juniper SRX Services Gateway A... | Set Status |
| V-214671 | The Juniper SRX Services Gateway VPN device also f... | CAT II | Juniper SRX Services Gateway V... | Set Status |
| V-214682 | The Juniper SRX Services Gateway must disable or r... | CAT II | Juniper SRX Services Gateway V... | Set Status |
| V-214694 | The Juniper SRX Services Gateway VPN must only all... | CAT II | Juniper SRX Services Gateway V... | Set Status |
| V-215329 | The AIX ldd command must be disabled. | CAT II | IBM AIX 7.x Security Technical... | Set Status |
| V-215418 | NIS maps must be protected through hard-to-guess d... | CAT II | IBM AIX 7.x Security Technical... | Set Status |
| V-216192 | Reserved UIDs 0-99 must only be used by system acc... | CAT II | Solaris 11 X86 Security Techni... | Set Status |
| V-216225 | The operating system must conduct backups of user-... | CAT II | Solaris 11 X86 Security Techni... | Set Status |
| V-216226 | The operating system must conduct backups of syste... | CAT II | Solaris 11 X86 Security Techni... | Set Status |
| V-216227 | The operating system must conduct backups of opera... | CAT II | Solaris 11 X86 Security Techni... | Set Status |
| V-216429 | Reserved UIDs 0-99 must only be used by system acc... | CAT II | Solaris 11 SPARC Security Tech... | Set Status |
| V-216461 | The operating system must conduct backups of user-... | CAT II | Solaris 11 SPARC Security Tech... | Set Status |
| V-216462 | The operating system must conduct backups of syste... | CAT II | Solaris 11 SPARC Security Tech... | Set Status |
| V-216463 | The operating system must conduct backups of opera... | CAT II | Solaris 11 SPARC Security Tech... | Set Status |
| V-217099 | The JBoss server must be configured to bind the ma... | CAT II | JBoss Enterprise Application P... | Set Status |
| V-218764 | The IIS 10.0 website must provide the capability t... | CAT II | Microsoft IIS 10.0 Site Securi... | Set Status |
| V-218792 | The IIS 10.0 web server must not perform user mana... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-218793 | The IIS 10.0 web server must only contain function... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-218796 | The accounts created by uninstalled features (i.e.... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-218806 | The IIS 10.0 web server must augment re-creation t... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-218813 | The IIS 10.0 web server must provide the capabilit... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-218816 | Access to web administration tools must be restric... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-218819 | The IIS 10.0 web server must be tuned to handle th... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-218822 | The IIS 10.0 web server must maintain the confiden... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-219984 | The operating system must protect the integrity of... | CAT II | Solaris 11 SPARC Security Tech... | Set Status |
| V-219986 | The operating system must synchronize internal inf... | CAT II | Solaris 11 SPARC Security Tech... | Set Status |
| V-220012 | The operating system must protect the integrity of... | CAT II | Solaris 11 X86 Security Techni... | Set Status |
| V-220014 | The operating system must synchronize internal inf... | CAT II | Solaris 11 X86 Security Techni... | Set Status |
| V-220340 | MarkLogic Server must integrate with an organizati... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220344 | MarkLogic Server must allow only the ISSM (or indi... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220345 | MarkLogic Server must be able to generate audit re... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220356 | MarkLogic Server software installation account mus... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220358 | MarkLogic Server objects (including but not limite... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220362 | MarkLogic Server must be configured to prohibit or... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220373 | Access to MarkLogic Server files must be limited t... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220375 | MarkLogic Server must associate organization-defin... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220376 | MarkLogic Server must associate organization-defin... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220377 | MarkLogic Server must prevent non-privileged users... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220410 | MarkLogic Server must generate audit records for a... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220411 | MarkLogic Server must generate audit records when ... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220418 | MarkLogic Server must be configured in accordance ... | CAT II | MarkLogic Server v9 Security T... | Set Status |
| V-220701 | Windows 10 must employ automated mechanisms to det... | CAT II | Microsoft Windows 10 Security ... | Set Status |
| V-220903 | The DoD Root CA certificates must be installed in ... | CAT II | Microsoft Windows 10 Security ... | Set Status |
| V-220933 | Remote calls to the Security Account Manager (SAM)... | CAT II | Microsoft Windows 10 Security ... | Set Status |
| V-220957 | The Access this computer from the network user rig... | CAT II | Microsoft Windows 10 Security ... | Set Status |
| V-221202 | Exchange must limit the Receive connector timeout. | CAT II | Microsoft Exchange 2016 Edge T... | Set Status |
| V-221255 | The Exchange software baseline copy must exist. | CAT II | Microsoft Exchange 2016 Edge T... | Set Status |
| V-222387 | The application must provide a capability to limit... | CAT II | Application Security and Devel... | Set Status |
| V-222388 | The application must clear temporary storage and c... | CAT II | Application Security and Devel... | Set Status |
| V-222393 | The application must associate organization-define... | CAT II | Application Security and Devel... | Set Status |
| V-222394 | The application must associate organization-define... | CAT II | Application Security and Devel... | Set Status |
| V-222395 | The application must associate organization-define... | CAT II | Application Security and Devel... | Set Status |
| V-222396 | The application must implement DoD-approved encryp... | CAT II | Application Security and Devel... | Set Status |
| V-222397 | The application must implement cryptographic mecha... | CAT II | Application Security and Devel... | Set Status |
| V-222398 | Applications with SOAP messages requiring integrit... | CAT II | Application Security and Devel... | Set Status |
| V-222407 | The application must provide automated mechanisms ... | CAT II | Application Security and Devel... | Set Status |
| V-222408 | Shared/group account credentials must be terminate... | CAT II | Application Security and Devel... | Set Status |
| V-222409 | The application must automatically remove or disab... | CAT II | Application Security and Devel... | Set Status |
| V-222412 | Unnecessary application accounts must be disabled,... | CAT II | Application Security and Devel... | Set Status |
| V-222413 | The application must automatically audit account c... | CAT II | Application Security and Devel... | Set Status |
| V-222414 | The application must automatically audit account m... | CAT II | Application Security and Devel... | Set Status |
| V-222415 | The application must automatically audit account d... | CAT II | Application Security and Devel... | Set Status |
| V-222416 | The application must automatically audit account r... | CAT II | Application Security and Devel... | Set Status |
| V-222421 | The application must automatically audit account e... | CAT II | Application Security and Devel... | Set Status |
| V-222423 | Application data protection requirements must be i... | CAT II | Application Security and Devel... | Set Status |
| V-222424 | The application must utilize organization-defined ... | CAT II | Application Security and Devel... | Set Status |
| V-222426 | The application must enforce organization-defined ... | CAT II | Application Security and Devel... | Set Status |
| V-222427 | The application must enforce approved authorizatio... | CAT II | Application Security and Devel... | Set Status |
| V-222428 | The application must enforce approved authorizatio... | CAT II | Application Security and Devel... | Set Status |
| V-222438 | The application must protect against an individual... | CAT II | Application Security and Devel... | Set Status |
| V-222439 | For applications providing audit record aggregatio... | CAT II | Application Security and Devel... | Set Status |
| V-222443 | The application must provide audit record generati... | CAT II | Application Security and Devel... | Set Status |
| V-222445 | The application must provide audit record generati... | CAT II | Application Security and Devel... | Set Status |
| V-222447 | The application must provide audit record generati... | CAT II | Application Security and Devel... | Set Status |
| V-222448 | The application must provide audit record generati... | CAT II | Application Security and Devel... | Set Status |
| V-222450 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222451 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222452 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222453 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222454 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222455 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222456 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222457 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222458 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222459 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222460 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222461 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222465 | The application must generate audit records when s... | CAT II | Application Security and Devel... | Set Status |
| V-222466 | The application must generate audit records for al... | CAT II | Application Security and Devel... | Set Status |
| V-222467 | The application must generate audit records for al... | CAT II | Application Security and Devel... | Set Status |
| V-222468 | The application must initiate session auditing upo... | CAT II | Application Security and Devel... | Set Status |
| V-222470 | The application must log destination IP addresses. | CAT II | Application Security and Devel... | Set Status |
| V-222475 | When using centralized logging; the application mu... | CAT II | Application Security and Devel... | Set Status |
| V-222476 | The application must produce audit records that co... | CAT II | Application Security and Devel... | Set Status |
| V-222477 | The application must generate audit records contai... | CAT II | Application Security and Devel... | Set Status |
| V-222478 | The application must generate audit records contai... | CAT II | Application Security and Devel... | Set Status |
| V-222479 | The application must implement transaction recover... | CAT II | Application Security and Devel... | Set Status |
| V-222480 | The application must provide centralized managemen... | CAT II | Application Security and Devel... | Set Status |
| V-222481 | The application must off-load audit records onto a... | CAT II | Application Security and Devel... | Set Status |
| V-222482 | The application must be configured to write applic... | CAT II | Application Security and Devel... | Set Status |
| V-222483 | The application must provide an immediate warning ... | CAT II | Application Security and Devel... | Set Status |
| V-222484 | Applications categorized as having a moderate or h... | CAT II | Application Security and Devel... | Set Status |
| V-222485 | The application must alert the ISSO and SA (at a m... | CAT II | Application Security and Devel... | Set Status |
| V-222486 | The application must shut down by default upon aud... | CAT II | Application Security and Devel... | Set Status |
| V-222487 | The application must provide the capability to cen... | CAT II | Application Security and Devel... | Set Status |
| V-222488 | The application must provide the capability to fil... | CAT II | Application Security and Devel... | Set Status |
| V-222489 | The application must provide an audit reduction ca... | CAT II | Application Security and Devel... | Set Status |
| V-222490 | The application must provide an audit reduction ca... | CAT II | Application Security and Devel... | Set Status |
| V-222491 | The application must provide an audit reduction ca... | CAT II | Application Security and Devel... | Set Status |
| V-222492 | The application must provide a report generation c... | CAT II | Application Security and Devel... | Set Status |
| V-222493 | The application must provide a report generation c... | CAT II | Application Security and Devel... | Set Status |
| V-222494 | The application must provide a report generation c... | CAT II | Application Security and Devel... | Set Status |
| V-222495 | The application must provide an audit reduction ca... | CAT II | Application Security and Devel... | Set Status |
| V-222496 | The application must provide a report generation c... | CAT II | Application Security and Devel... | Set Status |
| V-222497 | The applications must use internal system clocks t... | CAT II | Application Security and Devel... | Set Status |
| V-222498 | The application must record time stamps for audit ... | CAT II | Application Security and Devel... | Set Status |
| V-222499 | The application must record time stamps for audit ... | CAT II | Application Security and Devel... | Set Status |
| V-222500 | The application must protect audit information fro... | CAT II | Application Security and Devel... | Set Status |
| V-222501 | The application must protect audit information fro... | CAT II | Application Security and Devel... | Set Status |
| V-222502 | The application must protect audit information fro... | CAT II | Application Security and Devel... | Set Status |
| V-222503 | The application must protect audit tools from unau... | CAT II | Application Security and Devel... | Set Status |
| V-222504 | The application must protect audit tools from unau... | CAT II | Application Security and Devel... | Set Status |
| V-222505 | The application must protect audit tools from unau... | CAT II | Application Security and Devel... | Set Status |
| V-222506 | The application must back up audit records at leas... | CAT II | Application Security and Devel... | Set Status |
| V-222507 | The application must use cryptographic mechanisms ... | CAT II | Application Security and Devel... | Set Status |
| V-222508 | Application audit tools must be cryptographically ... | CAT II | Application Security and Devel... | Set Status |
| V-222509 | The integrity of the audit tools must be validated... | CAT II | Application Security and Devel... | Set Status |
| V-222510 | The application must prohibit user installation of... | CAT II | Application Security and Devel... | Set Status |
| V-222511 | The application must enforce access restrictions a... | CAT II | Application Security and Devel... | Set Status |
| V-222512 | The application must audit who makes configuration... | CAT II | Application Security and Devel... | Set Status |
| V-222513 | The application must have the capability to preven... | CAT II | Application Security and Devel... | Set Status |
| V-222514 | The applications must limit privileges to change t... | CAT II | Application Security and Devel... | Set Status |
| V-222515 | An application vulnerability assessment must be co... | CAT II | Application Security and Devel... | Set Status |
| V-222516 | The application must prevent program execution in ... | CAT II | Application Security and Devel... | Set Status |
| V-222517 | The application must employ a deny-all, permit-by-... | CAT II | Application Security and Devel... | Set Status |
| V-222518 | The application must be configured to disable non-... | CAT II | Application Security and Devel... | Set Status |
| V-222519 | The application must be configured to use only fun... | CAT II | Application Security and Devel... | Set Status |
| V-222523 | The application must use multifactor (Alt. Token) ... | CAT II | Application Security and Devel... | Set Status |
| V-222524 | The application must accept Personal Identity Veri... | CAT II | Application Security and Devel... | Set Status |
| V-222525 | The application must electronically verify Persona... | CAT II | Application Security and Devel... | Set Status |
| V-222526 | The application must use multifactor (e.g., CAC, A... | CAT II | Application Security and Devel... | Set Status |
| V-222527 | The application must use multifactor (Alt. Token) ... | CAT II | Application Security and Devel... | Set Status |
| V-222528 | The application must use multifactor (e.g., CAC, A... | CAT II | Application Security and Devel... | Set Status |
| V-222529 | The application must ensure users are authenticate... | CAT II | Application Security and Devel... | Set Status |
| V-222530 | The application must implement replay-resistant au... | CAT II | Application Security and Devel... | Set Status |
| V-222531 | The application must implement replay-resistant au... | CAT II | Application Security and Devel... | Set Status |
| V-222532 | The application must utilize mutual authentication... | CAT II | Application Security and Devel... | Set Status |
| V-222533 | The application must authenticate all network conn... | CAT II | Application Security and Devel... | Set Status |
| V-222534 | Service-Oriented Applications handling non-releasa... | CAT II | Application Security and Devel... | Set Status |
| V-222535 | The application must disable device identifiers af... | CAT II | Application Security and Devel... | Set Status |
| V-222537 | The application must enforce password complexity b... | CAT II | Application Security and Devel... | Set Status |
| V-222538 | The application must enforce password complexity b... | CAT II | Application Security and Devel... | Set Status |
| V-222539 | The application must enforce password complexity b... | CAT II | Application Security and Devel... | Set Status |
| V-222540 | The application must enforce password complexity b... | CAT II | Application Security and Devel... | Set Status |
| V-222541 | The application must require the change of at leas... | CAT II | Application Security and Devel... | Set Status |
| V-222544 | The application must enforce 24 hours/1 day as the... | CAT II | Application Security and Devel... | Set Status |
| V-222545 | The application must enforce a 60-day maximum pass... | CAT II | Application Security and Devel... | Set Status |
| V-222546 | The application must prohibit password reuse for a... | CAT II | Application Security and Devel... | Set Status |
| V-222547 | The application must allow the use of a temporary ... | CAT II | Application Security and Devel... | Set Status |
| V-222548 | The application password must not be changeable by... | CAT II | Application Security and Devel... | Set Status |
| V-222549 | The application must terminate existing user sessi... | CAT II | Application Security and Devel... | Set Status |
| V-222552 | The application must map the authenticated identit... | CAT II | Application Security and Devel... | Set Status |
| V-222553 | The application, for PKI-based authentication, mus... | CAT II | Application Security and Devel... | Set Status |
| V-222556 | The application must uniquely identify and authent... | CAT II | Application Security and Devel... | Set Status |
| V-222557 | The application must accept Personal Identity Veri... | CAT II | Application Security and Devel... | Set Status |
| V-222558 | The application must electronically verify Persona... | CAT II | Application Security and Devel... | Set Status |
| V-222559 | The application must accept Federal Identity, Cred... | CAT II | Application Security and Devel... | Set Status |
| V-222560 | The application must conform to Federal Identity, ... | CAT II | Application Security and Devel... | Set Status |
| V-222561 | Applications used for non-local maintenance sessio... | CAT II | Application Security and Devel... | Set Status |
| V-222562 | Applications used for non-local maintenance sessio... | CAT II | Application Security and Devel... | Set Status |
| V-222563 | Applications used for non-local maintenance sessio... | CAT II | Application Security and Devel... | Set Status |
| V-222564 | Applications used for non-local maintenance sessio... | CAT II | Application Security and Devel... | Set Status |
| V-222565 | The application must employ strong authenticators ... | CAT II | Application Security and Devel... | Set Status |
| V-222566 | The application must terminate all sessions and ne... | CAT II | Application Security and Devel... | Set Status |
| V-222567 | The application must not be vulnerable to race con... | CAT II | Application Security and Devel... | Set Status |
| V-222568 | The application must terminate all network connect... | CAT II | Application Security and Devel... | Set Status |
| V-222570 | The application must utilize FIPS-validated crypto... | CAT II | Application Security and Devel... | Set Status |
| V-222571 | The application must utilize FIPS-validated crypto... | CAT II | Application Security and Devel... | Set Status |
| V-222572 | The application must utilize FIPS-validated crypto... | CAT II | Application Security and Devel... | Set Status |
| V-222573 | Applications making SAML assertions must use FIPS-... | CAT II | Application Security and Devel... | Set Status |
| V-222574 | The application user interface must be either phys... | CAT II | Application Security and Devel... | Set Status |
| V-222575 | The application must set the HTTPOnly flag on sess... | CAT II | Application Security and Devel... | Set Status |
| V-222576 | The application must set the secure flag on sessio... | CAT II | Application Security and Devel... | Set Status |
| V-222579 | Applications must use system-generated session ide... | CAT II | Application Security and Devel... | Set Status |
| V-222580 | Applications must validate session identifiers. | CAT II | Application Security and Devel... | Set Status |
| V-222581 | Applications must not use URL embedded session IDs... | CAT II | Application Security and Devel... | Set Status |
| V-222582 | The application must not re-use or recycle session... | CAT II | Application Security and Devel... | Set Status |
| V-222583 | The application must generate a unique session ide... | CAT II | Application Security and Devel... | Set Status |
| V-222584 | The application must only allow the use of DoD-app... | CAT II | Application Security and Devel... | Set Status |
| V-222586 | In the event of a system failure, applications mus... | CAT II | Application Security and Devel... | Set Status |
| V-222587 | The application must protect the confidentiality a... | CAT II | Application Security and Devel... | Set Status |
| V-222590 | The application must isolate security functions fr... | CAT II | Application Security and Devel... | Set Status |
| V-222591 | The application must maintain a separate execution... | CAT II | Application Security and Devel... | Set Status |
| V-222592 | Applications must prevent unauthorized and uninten... | CAT II | Application Security and Devel... | Set Status |
| V-222593 | XML-based applications must mitigate DoS attacks b... | CAT II | Application Security and Devel... | Set Status |
| V-222594 | The application must restrict the ability to launc... | CAT II | Application Security and Devel... | Set Status |
| V-222595 | The web service design must include redundancy mec... | CAT II | Application Security and Devel... | Set Status |
| V-222597 | The application must implement cryptographic mecha... | CAT II | Application Security and Devel... | Set Status |
| V-222598 | The application must maintain the confidentiality ... | CAT II | Application Security and Devel... | Set Status |
| V-222599 | The application must maintain the confidentiality ... | CAT II | Application Security and Devel... | Set Status |
| V-222600 | The application must not disclose unnecessary info... | CAT II | Application Security and Devel... | Set Status |
| V-222603 | The application must protect from Cross-Site Reque... | CAT II | Application Security and Devel... | Set Status |
| V-222605 | The application must protect from canonical repres... | CAT II | Application Security and Devel... | Set Status |
| V-222606 | The application must validate all input. | CAT II | Application Security and Devel... | Set Status |
| V-222610 | The application must generate error messages that ... | CAT II | Application Security and Devel... | Set Status |
| V-222611 | The application must reveal error messages only to... | CAT II | Application Security and Devel... | Set Status |
| V-222613 | The application must remove organization-defined s... | CAT II | Application Security and Devel... | Set Status |
| V-222614 | Security-relevant software updates and patches mus... | CAT II | Application Security and Devel... | Set Status |
| V-222615 | The application performing organization-defined se... | CAT II | Application Security and Devel... | Set Status |
| V-222616 | The application must perform verification of the c... | CAT II | Application Security and Devel... | Set Status |
| V-222618 | Unsigned Category 1A mobile code must not be used ... | CAT II | Application Security and Devel... | Set Status |
| V-222622 | The ISSO must review audit trails periodically bas... | CAT II | Application Security and Devel... | Set Status |
| V-222625 | Execution flow diagrams and design documents must ... | CAT II | Application Security and Devel... | Set Status |
| V-222626 | The designer must ensure the application does not ... | CAT II | Application Security and Devel... | Set Status |
| V-222627 | The ISSO must ensure if a DoD STIG or NSA guide is... | CAT II | Application Security and Devel... | Set Status |
| V-222628 | New IP addresses, data services, and associated po... | CAT II | Application Security and Devel... | Set Status |
| V-222630 | The Configuration Management (CM) repository must ... | CAT II | Application Security and Devel... | Set Status |
| V-222631 | Access privileges to the Configuration Management ... | CAT II | Application Security and Devel... | Set Status |
| V-222632 | A Software Configuration Management (SCM) plan des... | CAT II | Application Security and Devel... | Set Status |
| V-222633 | A Configuration Control Board (CCB) that meets at ... | CAT II | Application Security and Devel... | Set Status |
| V-222645 | Application files must be cryptographically hashed... | CAT II | Application Security and Devel... | Set Status |
| V-222648 | An application code review must be performed on th... | CAT II | Application Security and Devel... | Set Status |
| V-222651 | The changes to the application must be assessed fo... | CAT II | Application Security and Devel... | Set Status |
| V-222655 | Threat models must be documented and reviewed for ... | CAT II | Application Security and Devel... | Set Status |
| V-222656 | The application must not be subject to error handl... | CAT II | Application Security and Devel... | Set Status |
| V-222661 | Unnecessary built-in application accounts must be ... | CAT II | Application Security and Devel... | Set Status |
| V-222665 | The designer must ensure uncategorized or emerging... | CAT II | Application Security and Devel... | Set Status |
| V-222666 | Production database exports must have database adm... | CAT II | Application Security and Devel... | Set Status |
| V-222668 | The system must alert an administrator when low re... | CAT II | Application Security and Devel... | Set Status |
| V-222949 | Tomcat user UMASK must be set to 0027. | CAT II | Apache Tomcat Application Serv... | Set Status |
| V-222966 | DOD root CA certificates must be installed in Tomc... | CAT II | Apache Tomcat Application Serv... | Set Status |
| V-222967 | Keystore file must be protected. | CAT II | Apache Tomcat Application Serv... | Set Status |
| V-222969 | Access to JMX management interface must be restric... | CAT II | Apache Tomcat Application Serv... | Set Status |
| V-222970 | Access to Tomcat manager application must be restr... | CAT II | Apache Tomcat Application Serv... | Set Status |
| V-222971 | Tomcat servers must mutually authenticate proxy or... | CAT II | Apache Tomcat Application Serv... | Set Status |
| V-222974 | Clusters must operate on a trusted network. | CAT II | Apache Tomcat Application Serv... | Set Status |
| V-222995 | The application server, when categorized as a high... | CAT II | Apache Tomcat Application Serv... | Set Status |
| V-223006 | Tomcat users in a management role must be approved... | CAT II | Apache Tomcat Application Serv... | Set Status |
| V-223419 | IBM z/OS Certificate Name Filtering must be implem... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223426 | The number of ACF2 users granted the special privi... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223429 | CA-ACF2 NJE GSO record value must indicate validat... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223467 | The EXITS GSO record value must specify the module... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223468 | The CA-ACF2 LOGONID with the REFRESH attribute mus... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223482 | ACF2 LOGONIDs with the NON-CNCL attribute specifie... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223512 | ACF2 SECVOLS GSO record value must be set to VOLMA... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223513 | ACF2 RESVOLS GSO record value must be set to Volma... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223536 | IBM z/OS Surrogate users must be controlled in acc... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223537 | The IBM z/OS BPX.SMF resource must be properly con... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223539 | IBM z/OS Inapplicable PPT entries must be invalida... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223557 | IBM z/OS must configure system waittimes to protec... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223601 | IBM z/OS TCP/IP resources must be properly protect... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223630 | IBM z/OS UNIX HFS MapName files security parameter... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223632 | IBM z/OS User exits for the FTP Server must not be... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223645 | IBM z/OS VTAM USSTAB definitions must not be used ... | CAT II | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223646 | Certificate Name Filtering must be implemented wit... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223661 | IBM RACF started tasks defined with the trusted at... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223662 | IBM RACF USERIDs possessing the Tape Bypass Label ... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223665 | IBM RACF Global Access Checking must be restricted... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223672 | IBM RACF batch jobs must be properly secured. | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223673 | IBM RACF batch jobs must be protected with propaga... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223699 | The IBM RACF SETROPTS SAUDIT value must be specifi... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223709 | IBM RACF use of the AUDITOR privilege must be just... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223712 | IBM z/OS Batch job user IDs must be properly defin... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223713 | IBM RACF use of the RACF SPECIAL Attribute must be... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223714 | IBM RACF assignment of the RACF OPERATIONS attribu... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223719 | IBM z/OS Started Tasks must be properly identified... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223741 | IBM z/OS user exits for the FTP server must not be... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223755 | IBM z/OS surrogate users must be controlled in acc... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223757 | IBM z/OS must configure system wait times to prote... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223758 | The IBM z/OS BPX.SMF resource must be properly con... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223785 | IBM zOS inapplicable PPT entries must be invalidat... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223823 | IBM z/OS TCP/IP resources must be properly protect... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223854 | IBM z/OS UNIX HFS MapName files security parameter... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223870 | IBM z/OS VTAM USSTAB definitions must not be used ... | CAT II | IBM z/OS RACF Security Technic... | Set Status |
| V-223873 | IBM z/OS must have Certificate Name Filtering impl... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-223875 | The number of CA-TSS ACIDs possessing the tape Byp... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-223931 | IBM z/OS Started tasks must be properly defined to... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-223961 | IBM z/OS scheduled production batch ACIDs must spe... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-223978 | IBM z/OS user exits for the FTP server must not be... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-223996 | IBM z/OS Surrogate users must be controlled in acc... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-224000 | The IBM z/OS BPX.SMF resource must be properly con... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-224008 | IBM z/OS inapplicable PPT entries must be invalida... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-224031 | IBM z/OS must configure system wait times to prote... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-224058 | IBM z/OS TCP/IP resources must be properly protect... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-224074 | IBM z/OS UNIX HFS MapName file security parameters... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-224105 | IBM z/OS VTAM USSTAB definitions must not be used ... | CAT II | IBM z/OS TSS Security Technica... | Set Status |
| V-224107 | BMC CONTROL-D security exits are not installed or ... | CAT II | z/OS BMC CONTROL-D for ACF2 Se... | Set Status |
| V-224125 | BMC CONTROL-O security exits are not installed or ... | CAT II | z/OS BMC CONTROL-O for ACF2 Se... | Set Status |
| V-224243 | BMC IOA security exits are not installed or config... | CAT II | z/OS BMC IOA for ACF2 Security... | Set Status |
| V-224257 | CA 1 Tape Management user exits, when in use, must... | CAT II | z/OS CA 1 Tape Management for ... | Set Status |
| V-224306 | CICS default logonid(s) must be defined and/or con... | CAT II | z/OS IBM CICS Transaction Serv... | Set Status |
| V-224307 | CICS logonid(s) must be configured with proper tim... | CAT II | z/OS IBM CICS Transaction Serv... | Set Status |
| V-224355 | WebSphere MQ channel security is not implemented i... | CAT II | zOS WebSphere MQ for ACF2 Secu... | Set Status |
| V-224356 | Production WebSphere MQ Remotes must utilize Certi... | CAT II | zOS WebSphere MQ for ACF2 Secu... | Set Status |
| V-224376 | The BlackBerry UEM server must be configured to di... | CAT II | BlackBerry UEM Security Techni... | Set Status |
| V-224383 | The firewall protecting the BlackBerry UEM server ... | CAT II | BlackBerry UEM Security Techni... | Set Status |
| V-224389 | BMC CONTROL-D security exits are not installed or ... | CAT II | z/OS BMC CONTROL-D for RACF Se... | Set Status |
| V-224409 | BMC CONTROL-O security exits are not installed or ... | CAT II | z/OS BMC CONTROL-O for RACF Se... | Set Status |
| V-224415 | BMC IOA security exits are not installed or config... | CAT II | z/OS BMC IOA for RACF Security... | Set Status |
| V-224449 | CA 1 Tape Management user exits, when in use, must... | CAT II | z/OS CA 1 Tape Management for ... | Set Status |
| V-224483 | All hardware components of the FEPs are not placed... | CAT II | z/OS Front End Processor for R... | Set Status |
| V-224485 | A documented procedure is not available instructin... | CAT II | z/OS Front End Processor for R... | Set Status |
| V-224486 | An active log is not available to keep track of al... | CAT II | z/OS Front End Processor for R... | Set Status |
| V-224488 | A password control is not in place to restrict acc... | CAT II | z/OS Front End Processor for R... | Set Status |
| V-224496 | CICS default logonid(s) must be defined and/or con... | CAT II | z/OS IBM CICS Transaction Serv... | Set Status |
| V-224497 | CICS logonid(s) must have timeout limit set to 15 ... | CAT II | z/OS IBM CICS Transaction Serv... | Set Status |
| V-224552 | WebSphere MQ channel security is not implemented i... | CAT II | zOS WebSphere MQ for RACF Secu... | Set Status |
| V-224553 | Production WebSphere MQ Remotes must utilize Certi... | CAT II | zOS WebSphere MQ for RACF Secu... | Set Status |
| V-224579 | BMC CONTROL-D security exits are not installed or ... | CAT II | z/OS BMC CONTROL-D for TSS Sec... | Set Status |
| V-224591 | BMC CONTROL-O security exits are not installed or ... | CAT II | z/OS BMC CONTROL-O for TSS Sec... | Set Status |
| V-224598 | BMC IOA security exits are not installed or config... | CAT II | z/OS BMC IOA for TSS Security ... | Set Status |
| V-224637 | CA 1 Tape Management user exits, when in use, must... | CAT II | z/OS CA 1 Tape Management for ... | Set Status |
| V-224720 | All hardware components of the FEPs are not placed... | CAT II | zOS Front End Processor for TS... | Set Status |
| V-224722 | A documented procedure is not available instructin... | CAT II | zOS Front End Processor for TS... | Set Status |
| V-224723 | An active log is not available to keep track of al... | CAT II | zOS Front End Processor for TS... | Set Status |
| V-224725 | A password control is not in place to restrict acc... | CAT II | zOS Front End Processor for TS... | Set Status |
| V-224733 | CICS default logonid(s) must be defined and/or con... | CAT II | z/OS IBM CICS Transaction Serv... | Set Status |
| V-224734 | CICS logonid(s) must be configured with proper tim... | CAT II | z/OS IBM CICS Transaction Serv... | Set Status |
| V-224825 | Shared user accounts must not be permitted on the ... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-224847 | Windows Server 2016 must employ automated mechani... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-224977 | Separate, NSA-approved (Type 1) cryptography must ... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-224997 | The Access this computer from the network user rig... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225014 | The "Access this computer from the network" user r... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225021 | The DoD Root CA certificates must be installed in ... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225072 | The Allow log on locally user right must only be a... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225073 | The Back up files and directories user right must ... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225076 | The Create global objects user right must only be ... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225081 | The Generate security audits user right must only ... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225082 | The Impersonate a client after authentication user... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225083 | The Increase scheduling priority user right must o... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225085 | The Lock pages in memory user right must not be as... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225086 | The Manage auditing and security log user right mu... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225088 | The Perform volume maintenance tasks user right mu... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225092 | The Restore files and directories user right must ... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225093 | The Take ownership of files or other objects user ... | CAT II | Microsoft Windows Server 2016 ... | Set Status |
| V-225227 | CAS and policy configuration files must be backed ... | CAT II | Microsoft DotNet Framework 4.0... | Set Status |
| V-225231 | .NET must be configured to validate strong names o... | CAT II | Microsoft DotNet Framework 4.0... | Set Status |
| V-225236 | Software utilizing .Net 4.0 must be identified and... | CAT II | Microsoft DotNet Framework 4.0... | Set Status |
| V-225624 | WebSphere MQ channel security is not implemented i... | CAT II | zOS WebSphere MQ for TSS Secur... | Set Status |
| V-225625 | Production WebSphere MQ Remotes must utilize Certi... | CAT II | zOS WebSphere MQ for TSS Secur... | Set Status |
| V-225644 | The Samsung SDS EMM must be configured to display ... | CAT II | Samsung SDS EMM Security Techn... | Set Status |
| V-225652 | The firewall protecting the Samsung SDS EMM platfo... | CAT II | Samsung SDS EMM Security Techn... | Set Status |
| V-225655 | The Samsung SDS EMM must automatically disable acc... | CAT II | Samsung SDS EMM Security Techn... | Set Status |
| V-228410 | Exchange must provide Mailbox databases in a highl... | CAT II | Microsoft Exchange 2016 Mailbo... | Set Status |
| V-228572 | An IIS Server configured to be a SMTP relay must r... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| V-228672 | The Palo Alto Networks security platform must use ... | CAT II | Palo Alto Networks NDM Securit... | Set Status |
| V-228843 | The Palo Alto Networks security platform must bloc... | CAT II | Palo Alto Networks ALG Securit... | Set Status |
| V-229014 | The Juniper SRX Services Gateway must automaticall... | CAT II | Juniper SRX Services Gateway N... | Set Status |
| V-230183 | All hardware components of the FEPs are not placed... | CAT II | z/OS Front End Processor for A... | Set Status |
| V-230185 | A documented procedure is not available instructin... | CAT II | z/OS Front End Processor for A... | Set Status |
| V-230186 | An active log is not available to keep track of al... | CAT II | z/OS Front End Processor for A... | Set Status |
| V-230188 | A password control is not in place to restrict acc... | CAT II | z/OS Front End Processor for A... | Set Status |
| V-230222 | RHEL 8 vendor packaged system security patches and... | CAT II | Red Hat Enterprise Linux 8 Sec... | Set Status |
| V-230931 | Forescout must terminate the account of last resor... | CAT II | Forescout Network Device Manag... | Set Status |
| V-230956 | Forescout must be configured to conduct backups of... | CAT II | Forescout Network Device Manag... | Set Status |
| V-230957 | Forescout must support organizational requirements... | CAT II | Forescout Network Device Manag... | Set Status |
| V-233041 | The container platform must initiate session audit... | CAT II | Container Platform Security Re... | Set Status |
| V-233042 | All audit records must identify what type of event... | CAT II | Container Platform Security Re... | Set Status |
| V-233043 | The container platform audit records must have a d... | CAT II | Container Platform Security Re... | Set Status |
| V-233045 | All audit records must identify the source of the ... | CAT II | Container Platform Security Re... | Set Status |
| V-233047 | All audit records must identify any users associat... | CAT II | Container Platform Security Re... | Set Status |
| V-233049 | The container platform must generate audit records... | CAT II | Container Platform Security Re... | Set Status |
| V-233073 | The container platform runtime must enforce ports,... | CAT II | Container Platform Security Re... | Set Status |
| V-233101 | The container platform must map the authenticated ... | CAT II | Container Platform Security Re... | Set Status |
| V-233102 | The container platform must obscure feedback of au... | CAT II | Container Platform Security Re... | Set Status |
| V-233108 | The application must terminate all network connect... | CAT II | Container Platform Security Re... | Set Status |
| V-233122 | The container platform runtime must fail to a secu... | CAT II | Container Platform Security Re... | Set Status |
| V-233127 | The container platform must prohibit containers fr... | CAT II | Container Platform Security Re... | Set Status |
| V-233128 | The container platform must prevent unauthorized a... | CAT II | Container Platform Security Re... | Set Status |
| V-233129 | The container platform must restrict individuals' ... | CAT II | Container Platform Security Re... | Set Status |
| V-233133 | The container platform must generate error message... | CAT II | Container Platform Security Re... | Set Status |
| V-233162 | The container platform must prevent non-privileged... | CAT II | Container Platform Security Re... | Set Status |
| V-233163 | Container images instantiated by the container pla... | CAT II | Container Platform Security Re... | Set Status |
| V-233164 | The container platform must audit the execution of... | CAT II | Container Platform Security Re... | Set Status |
| V-233166 | The container platform must provide the configurat... | CAT II | Container Platform Security Re... | Set Status |
| V-233181 | All audit records must use UTC or GMT time stamps. | CAT II | Container Platform Security Re... | Set Status |
| V-233182 | The container platform must record time stamps for... | CAT II | Container Platform Security Re... | Set Status |
| V-233188 | The container platform must enforce access restric... | CAT II | Container Platform Security Re... | Set Status |
| V-233189 | The container platform must enforce access restric... | CAT II | Container Platform Security Re... | Set Status |
| V-233191 | The container platform must prevent component exec... | CAT II | Container Platform Security Re... | Set Status |
| V-233192 | The container platform registry must employ a deny... | CAT II | Container Platform Security Re... | Set Status |
| V-233193 | The container platform must require users to reaut... | CAT II | Container Platform Security Re... | Set Status |
| V-233195 | The container platform must be configured to use m... | CAT II | Container Platform Security Re... | Set Status |
| V-233202 | The container platform must accept Personal Identi... | CAT II | Container Platform Security Re... | Set Status |
| V-233211 | The container platform must implement NSA-approved... | CAT II | Container Platform Security Re... | Set Status |
| V-233221 | The container platform runtime must maintain separ... | CAT II | Container Platform Security Re... | Set Status |
| V-233222 | The container platform must protect against or lim... | CAT II | Container Platform Security Re... | Set Status |
| V-233226 | The container platform must maintain the confident... | CAT II | Container Platform Security Re... | Set Status |
| V-233227 | The container platform must maintain the confident... | CAT II | Container Platform Security Re... | Set Status |
| V-233230 | The container platform must remove old components ... | CAT II | Container Platform Security Re... | Set Status |
| V-233231 | The container platform registry must remove old co... | CAT II | Container Platform Security Re... | Set Status |
| V-233233 | The container platform registry must contain the l... | CAT II | Container Platform Security Re... | Set Status |
| V-233234 | The container platform runtime must have security-... | CAT II | Container Platform Security Re... | Set Status |
| V-233242 | The organization-defined role must verify correct ... | CAT II | Container Platform Security Re... | Set Status |
| V-233243 | The container platform must perform verification o... | CAT II | Container Platform Security Re... | Set Status |
| V-233244 | The container platform must provide system notific... | CAT II | Container Platform Security Re... | Set Status |
| V-233263 | The container platform must generate audit records... | CAT II | Container Platform Security Re... | Set Status |
| V-233264 | The container platform must generate audit record ... | CAT II | Container Platform Security Re... | Set Status |
| V-233265 | The container platform audit records must record u... | CAT II | Container Platform Security Re... | Set Status |
| V-233266 | The container platform must generate audit records... | CAT II | Container Platform Security Re... | Set Status |
| V-233274 | The container platform must be able to store and i... | CAT II | Container Platform Security Re... | Set Status |
| V-233512 | PostgreSQL must produce audit records containing s... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233521 | PostgreSQL must associate organization-defined typ... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233524 | PostgreSQL must uniquely identify and authenticate... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233525 | PostgreSQL must associate organization-defined typ... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233526 | PostgreSQL must check the validity of all data inp... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233528 | PostgreSQL and associated applications, when makin... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233530 | PostgreSQL must enforce discretionary access contr... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233533 | PostgreSQL must reveal detailed error messages onl... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233534 | PostgreSQL must allow only the Information System ... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233539 | Database objects (including but not limited to tab... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233542 | PostgreSQL must include additional, more detailed,... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233543 | Execution of software modules (to include function... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233544 | When invalid inputs are received, PostgreSQL must ... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233546 | PostgreSQL must isolate security functions from no... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233549 | The audit information produced by PostgreSQL must ... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233551 | PostgreSQL must generate audit records when catego... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233556 | PostgreSQL must generate audit records when privil... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233557 | PostgreSQL must generate audit records when unsucc... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233559 | PostgreSQL must generate audit records when securi... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233562 | PostgreSQL must be able to generate audit records ... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233565 | PostgreSQL must generate audit records for all pri... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233567 | PostgreSQL must be able to generate audit records ... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233568 | PostgreSQL must generate audit records when privil... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233571 | PostgreSQL must generate audit records when privil... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233572 | PostgreSQL must generate audit records when unsucc... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233573 | PostgreSQL must generate audit records when securi... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233574 | PostgreSQL must generate audit records when catego... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233577 | PostgreSQL, when utilizing PKI-based authenticatio... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233580 | PostgreSQL must be configured to provide audit rec... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233588 | PostgreSQL must separate user functionality (inclu... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233590 | PostgreSQL must implement cryptographic mechanisms... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233591 | PostgreSQL must produce audit records containing s... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233598 | PostgreSQL must protect against a user falsely rep... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233603 | PostgreSQL must only accept end entity certificate... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233605 | PostgreSQL must implement cryptographic mechanisms... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233611 | PostgreSQL must maintain the authenticity of commu... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233612 | PostgreSQL must uniquely identify and authenticate... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233613 | PostgreSQL must automatically terminate a user ses... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233620 | Audit records must be generated when categorized i... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-233622 | PostgreSQL must generate audit records for all dir... | CAT II | Crunchy Data PostgreSQL Securi... | Set Status |
| V-234196 | The FortiGate device must support organizational r... | CAT II | Fortinet FortiGate Firewall ND... | Set Status |
| V-234848 | SUSE operating system AppArmor tool must be config... | CAT II | SUSE Linux Enterprise Server 1... | Set Status |
| V-234874 | The SUSE operating system must not have unnecessar... | CAT II | SUSE Linux Enterprise Server 1... | Set Status |
| V-235096 | MySQL Database Server 8.0 must limit the number o... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235097 | MySQL Database Server 8.0 must produce audit reco... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235098 | The MySQL Database Server 8.0 must include additio... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235102 | The MySQL Database Server 8.0 must protect against... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235104 | The MySQL Database Server 8.0 must allow only the ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235105 | The MySQL Database Server 8.0 must be able to gene... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235106 | The MySQL Database Server 8.0 must be able to gene... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235107 | The MySQL Database Server 8.0 must be able to gene... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235108 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235109 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235110 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235115 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235116 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235117 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235118 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235119 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235120 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235121 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235122 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235123 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235124 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235125 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235126 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235127 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235128 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235130 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235131 | The MySQL Database Server 8.0 must be able to gene... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235132 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235133 | The MySQL Database Server 8.0 must generate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235138 | If passwords are used for authentication, the MySQ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235142 | The MySQL Database Server 8.0 must be configured i... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235143 | Default demonstration and sample databases, databa... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235146 | The MySQL Database Server 8.0 must be configured t... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235149 | The MySQL Database Server 8.0 must uniquely identi... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235150 | The MySQL Database Server 8.0 must separate user f... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235151 | The MySQL Database Server 8.0 must isolate securit... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235156 | The MySQL Database Server 8.0 must check the valid... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235158 | The MySQL Database Server 8.0 and associated appli... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235163 | The MySQL Database Server 8.0 must limit privilege... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235167 | The MySQL Database Server 8.0 must disable network... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235168 | The MySQL Database Server 8.0 must prohibit user i... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235173 | The MySQL Database Server 8.0 must allocate audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235174 | The MySQL Database Server 8.0 must off-load audit ... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235180 | Execution of software modules (to include stored p... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235181 | The MySQL Database Server 8.0 must prevent non-pri... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235185 | The MySQL Database Server 8.0 must automatically t... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-235187 | The MySQL Database Server 8.0 must use NSA-approve... | CAT II | Oracle MySQL 8.0 Security Tech... | Set Status |
| V-239371 | The web server must implement required cryptograph... | CAT II | Web Server Security Requiremen... | Set Status |
| V-240925 | The application server must implement NSA-approved... | CAT II | Application Server Security Re... | Set Status |
| V-241815 | The firewall protecting the Jamf Pro EMM server pl... | CAT II | Jamf Pro v10.x EMM Security Te... | Set Status |
| V-242256 | The TippingPoint SMS must support organizational r... | CAT II | Trend Micro TippingPoint NDM S... | Set Status |
| V-242260 | The password for the local account of last resort ... | CAT II | Trend Micro TippingPoint NDM S... | Set Status |
| V-242410 | The Kubernetes API Server must enforce ports, prot... | CAT II | Kubernetes Security Technical ... | Set Status |
| V-242411 | The Kubernetes Scheduler must enforce ports, proto... | CAT II | Kubernetes Security Technical ... | Set Status |
| V-242412 | The Kubernetes Controllers must enforce ports, pro... | CAT II | Kubernetes Security Technical ... | Set Status |
| V-242413 | The Kubernetes etcd must enforce ports, protocols,... | CAT II | Kubernetes Security Technical ... | Set Status |
| V-243443 | Site IT resources designated as high value by the ... | CAT II | Microsoft Windows PAW Security... | Set Status |
| V-243445 | A Windows PAW must only be used to manage high-val... | CAT II | Microsoft Windows PAW Security... | Set Status |
| V-243476 | All accounts, privileged and unprivileged, that re... | CAT II | Active Directory Domain Securi... | Set Status |
| V-243480 | The domain functional level must be at a Windows S... | CAT II | Active Directory Domain Securi... | Set Status |
| V-243481 | Access to need-to-know information must be restric... | CAT II | Active Directory Domain Securi... | Set Status |
| V-245726 | COMSEC Training - COMSEC User | CAT II | Traditional Security Checklist | Set Status |
| V-245741 | Protected Distribution System (PDS) Monitoring - R... | CAT II | Traditional Security Checklist | Set Status |
| V-245757 | Foreign National System Access - Identification as... | CAT II | Traditional Security Checklist | Set Status |
| V-245761 | Foreign National (FN) Systems Access - Local Natio... | CAT II | Traditional Security Checklist | Set Status |
| V-245762 | Foreign National (FN) Systems Access - Delegation ... | CAT II | Traditional Security Checklist | Set Status |
| V-245768 | Foreign National (FN) Administrative Controls - Wr... | CAT II | Traditional Security Checklist | Set Status |
| V-245769 | Foreign National (FN) Administrative Controls - Pr... | CAT II | Traditional Security Checklist | Set Status |
| V-245772 | Information Assurance - COOP Plan and Testing (Not... | CAT II | Traditional Security Checklist | Set Status |
| V-245778 | Information Assurance - Accreditation Documentatio... | CAT II | Traditional Security Checklist | Set Status |
| V-245790 | Information Assurance - Network Connections - Phys... | CAT II | Traditional Security Checklist | Set Status |
| V-245793 | Industrial Security - Contract Guard Vetting | CAT II | Traditional Security Checklist | Set Status |
| V-245840 | Classified Emergency Destruction Plans - Develop a... | CAT II | Traditional Security Checklist | Set Status |
| V-245843 | Controlled Unclassified Information (CUI) - Employ... | CAT II | Traditional Security Checklist | Set Status |
| V-245844 | Controlled Unclassified Information - Document, Ha... | CAT II | Traditional Security Checklist | Set Status |
| V-245871 | Security and Cybersecurity Staff Appointment, Trai... | CAT II | Traditional Security Checklist | Set Status |
| V-248523 | OL 8 vendor-packaged system security patches and u... | CAT II | Oracle Linux 8 Security Techni... | Set Status |
| V-248713 | OL 8 must not have unnecessary accounts. | CAT II | Oracle Linux 8 Security Techni... | Set Status |
| V-251022 | The Sentry must be configured to prohibit or restr... | CAT II | Ivanti Sentry 9.x ALG Security... | Set Status |
| V-251186 | Redis Enterprise DBMS must enforce discretionary a... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251187 | Redis Enterprise DBMS must enforce access control ... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251188 | Redis Enterprise DBMS must prevent non-privileged ... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251190 | Redis Enterprise DBMS must provide audit record ge... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251195 | Redis Enterprise DBMS must allocate audit record s... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251196 | Redis Enterprise DBMS must offload audit data to a... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251212 | Database software, including DBMS configuration fi... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251214 | Redis Enterprise DBMS must be configured in accord... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251215 | Redis Enterprise DBMS must disable network functio... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251220 | Redis Enterprise DBMS must be configured to prohib... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251221 | Redis Enterprise DBMS must require users to reauth... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251224 | Redis Enterprise DBMS must prohibit the use of cac... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251234 | Redis Enterprise DBMS must implement NIST FIPS 140... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251246 | Redis Enterprise DBMS must prevent unauthorized an... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251250 | Redis Enterprise DBMS and associated applications ... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251251 | Redis Enterprise DBMS and associated applications,... | CAT II | Redis Enterprise 6.x Security ... | Set Status |
| V-251354 | All external connections must be validated and app... | CAT II | Network Infrastructure Policy ... | Set Status |
| V-251356 | External connections to the network must be review... | CAT II | Network Infrastructure Policy ... | Set Status |
| V-251379 | Annual reviews must be performed on all Releasable... | CAT II | Network Infrastructure Policy ... | Set Status |
| V-251403 | The Ivanti EPMM server must display the Standard M... | CAT II | Ivanti EPMM Server Security Te... | Set Status |
| V-251422 | The Ivanti EPMM server must be configured in accor... | CAT II | Ivanti EPMM Server Security Te... | Set Status |
| V-251636 | IDMS must prevent users without the appropriate ac... | CAT II | CA IDMS Security Technical Imp... | Set Status |
| V-251639 | IDMS must restrict the use of code that provides e... | CAT II | CA IDMS Security Technical Imp... | Set Status |
| V-251791 | The NSX-T Manager must support organizational requ... | CAT II | VMware NSX-T Manager NDM Secur... | Set Status |
| V-252967 | TOSS must not have unnecessary accounts. | CAT II | Tri-Lab Operating System Stack... | Set Status |
| V-253427 | The DoD Root CA certificates must be installed in ... | CAT II | Microsoft Windows 11 Security ... | Set Status |
| V-253457 | Remote calls to the Security Account Manager (SAM)... | CAT II | Microsoft Windows 11 Security ... | Set Status |
| V-253480 | The "Access this computer from the network" user r... | CAT II | Microsoft Windows 11 Security ... | Set Status |
| V-253685 | MariaDB must limit privileges to change software m... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253688 | Database objects (including but not limited to tab... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253693 | MariaDB must be configured to prohibit or restrict... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253714 | MariaDB must check the validity of all data inputs... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253716 | MariaDB and associated applications, when making u... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253717 | MariaDB must automatically terminate a user's sess... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253718 | MariaDB must provide logout functionality to allow... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253722 | MariaDB must enforce discretionary access control ... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253723 | MariaDB must prevent nonprivileged users from exec... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253724 | Execution of software modules (to include stored p... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253766 | MariaDB must generate audit records for all privil... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253767 | MariaDB must generate audit records when unsuccess... | CAT II | MariaDB Enterprise 10.x Securi... | Set Status |
| V-253782 | The Tanium application must be configured for LDAP... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253783 | The Tanium application must uniquely identify and ... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253784 | The Tanium application must separate user function... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253795 | The Tanium application must prohibit user installa... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253796 | The application must enforce access restrictions a... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253800 | The Tanium application must accept Personal Identi... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253814 | The Tanium application must retain the session loc... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253815 | The Tanium Application Server must be configured w... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253816 | The Tanium Application Server must be configured t... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253817 | Tanium Computer Groups must be used to restrict co... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253818 | Documentation identifying Tanium console users, th... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253819 | The Tanium application must be configured to use T... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253820 | Documentation identifying Tanium console users and... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253828 | Multifactor authentication must be enabled and enf... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253831 | The Tanium application must prohibit user installa... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253832 | The Tanium database(s) must be installed on a sepa... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253837 | The Tanium Application Server console must be conf... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253838 | Tanium Trusted Content providers must be documente... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253839 | Content providers must provide their public key to... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253840 | Tanium public keys of content providers must be va... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253842 | The Tanium documentation identifying recognized an... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253843 | Tanium Threat Response must be configured to recei... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253863 | The Tanium "max_soap_sessions_total" setting must ... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253864 | The Tanium "max_soap_sessions_per_user" setting mu... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253865 | The Tanium documentation identifying recognized an... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253866 | The Tanium Threat Response Local Directory Source ... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253867 | The Tanium documentation identifying recognized an... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253868 | The Tanium documentation identifying recognized an... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253872 | Tanium Server files must be excluded from host-bas... | CAT II | Tanium 7.x Security Technical ... | Set Status |
| V-253974 | The Juniper BGP router must be configured to rejec... | CAT II | Juniper EX Series Switches Rou... | Set Status |
| V-254046 | The Juniper perimeter router must be configured to... | CAT II | Juniper EX Series Switches Rou... | Set Status |
| V-254244 | Windows Server 2022 shared user accounts must not ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254398 | Windows Server 2022 must use separate, NSA-approve... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254418 | Windows Server 2022 Access this computer from the ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254433 | Windows Server 2022 must restrict remote calls to ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254434 | Windows Server 2022 Access this computer from the ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254442 | Windows Server 2022 must have the DoD Root Certifi... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254493 | Windows Server 2022 Allow log on locally user righ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254494 | Windows Server 2022 back up files and directories ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254497 | Windows Server 2022 create global objects user rig... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254502 | Windows Server 2022 generate security audits user ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254503 | Windows Server 2022 impersonate a client after aut... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254504 | Windows Server 2022 increase scheduling priority: ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254506 | Windows Server 2022 lock pages in memory user righ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254507 | Windows Server 2022 manage auditing and security l... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254511 | Windows Server 2022 restore files and directories ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254512 | Windows Server 2022 take ownership of files or oth... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-254566 | Rancher RKE2 runtime must enforce ports, protocols... | CAT II | Rancher Government Solutions R... | Set Status |
| V-254710 | The firewall protecting the BEMS must be configure... | CAT II | BlackBerry Enterprise Mobility... | Set Status |
| V-254810 | Information Security (INFOSEC) ‐ Secure Room Stora... | CAT II | TRADSEC NIPR SIPR STIGs CMD | Set Status |
| V-254874 | The Tanium max_soap_sessions_total setting must be... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254875 | The Tanium max_soap_sessions_per_user setting must... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254876 | The Tanium Application Server console must be conf... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254878 | Tanium Trusted Content providers must be documente... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254879 | Content providers must provide their public key to... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254880 | Tanium public keys of content providers must be va... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254881 | The Tanium Application Server must be configured t... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254882 | Tanium Computer Groups must be used to restrict co... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254883 | Documentation identifying Tanium console users, th... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254884 | The Tanium application must be configured to use T... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254885 | Documentation identifying Tanium console users and... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254887 | The Tanium documentation identifying recognized an... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254888 | Tanium Threat Response must be configured to recei... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254889 | The Tanium documentation identifying recognized an... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254891 | The Tanium documentation identifying recognized an... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254892 | The Tanium documentation identifying recognized an... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254897 | Multifactor authentication must be enabled and enf... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254902 | The Tanium application must prohibit user installa... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254909 | The Tanium endpoint must have the Tanium Servers p... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254916 | The Tanium application must uniquely identify and ... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254917 | The Tanium application must separate user function... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254936 | The Tanium application must provide an immediate r... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254938 | The Tanium application must prohibit user installa... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-254939 | The application must enforce access restrictions a... | CAT II | Tanium 7.x Application on TanO... | Set Status |
| V-255304 | Azure SQL Database must protect against a user fal... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255305 | Azure SQL Database must protect against a user fal... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255306 | Database objects (including but not limited to tab... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255307 | The role(s)/group(s) used to modify database struc... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255308 | The Azure SQL Database must isolate security funct... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255310 | Azure SQL Database must check the validity of all ... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255311 | The Azure SQL Database and associated applications... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255312 | The Azure SQL Database and associated applications... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255316 | Azure SQL Database must enforce discretionary acce... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255317 | Azure SQL Database must restrict execution of stor... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255318 | Azure SQL Database must prohibit user installation... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255319 | Azure SQL Database must enforce access restriction... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255323 | When invalid inputs are received, the Azure SQL Da... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255325 | Azure SQL Database must allow only the ISSM (or in... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255329 | Azure SQL Database must include additional, more d... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255333 | Azure SQL Database default demonstration and sampl... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255334 | The Azure SQL Database must be configured to prohi... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255337 | Azure SQL Database must uniquely identify and auth... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255340 | Azure SQL Database must automatically terminate a ... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255341 | Azure SQL Database must prevent nonprivileged user... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255343 | Azure SQL Database must be able to allocate audit ... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255346 | Azure SQL Database must only use approved firewall... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255347 | Azure SQL Database must only use approved firewall... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255348 | Azure SQL Database must maintain the confidentiali... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255349 | Azure SQL Database must maintain the confidentiali... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255370 | Azure SQL Database must generate audit records for... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255371 | Azure SQL Database must generate audit records for... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255376 | Azure SQL Database must generate audit records for... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255377 | Azure SQL Database must offload audit data to a se... | CAT II | Microsoft Azure SQL Database S... | Set Status |
| V-255818 | The WebSphere Application Server maximum in-memory... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255819 | The WebSphere Application Server admin console ses... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255821 | The WebSphere Application Server groups in the use... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255822 | The WebSphere Application Server users in the WebS... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255825 | The WebSphere Application Server automatic reposit... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255828 | The WebSphere Application Server users in a local ... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255835 | The WebSphere Application Server users in the admi... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255836 | The WebSphere Application Server LDAP groups must ... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255837 | The WebSphere Application Server users in a LDAP u... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255841 | The WebSphere Application Server must allocate JVM... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255842 | The WebSphere Application Server must allocate aud... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255849 | The WebSphere Application Server must protect log ... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255850 | The WebSphere Application Server must protect log ... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255851 | The WebSphere Application Server wsadmin file must... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255852 | The WebSphere Application Server wsadmin file must... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255853 | The WebSphere Application Server wsadmin file must... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255854 | The WebSphere Application Server must be configure... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255856 | The WebSphere Application Server process must not ... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255857 | The WebSphere Application Server files must be own... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255866 | The WebSphere Application Server must provide secu... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255867 | The WebSphere Application Server must provide secu... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255868 | The WebSphere Application Server must authenticate... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255869 | The WebSphere Application Server must authenticate... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255872 | The WebSphere Application Server must prohibit the... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255878 | The WebSphere Application Servers must not be in t... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255879 | The WebSphere Application Server DoD root CAs must... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255880 | The WebSphere Application Server personal certific... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255885 | The WebSphere Application Server high availability... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255887 | The WebSphere Application Server thread pool size ... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-255891 | The WebSphere Application Server must remove organ... | CAT II | IBM WebSphere Traditional V9.x... | Set Status |
| V-256323 | The vCenter Server must uniquely identify and auth... | CAT II | VMware vSphere 7.0 vCenter Sec... | Set Status |
| V-256324 | The vCenter Server must require multifactor authen... | CAT II | VMware vSphere 7.0 vCenter Sec... | Set Status |
| V-256354 | The vCenter Server must not configure all port gro... | CAT II | VMware vSphere 7.0 vCenter Sec... | Set Status |
| V-256426 | All port groups on standard switches must not be c... | CAT II | VMware vSphere 7.0 ESXi Securi... | Set Status |
| V-256904 | Automation Controller must be capable of reverting... | CAT II | Red Hat Ansible Automation Con... | Set Status |
| V-256948 | All Automation Controller NGINX webserver accounts... | CAT II | Red Hat Ansible Automation Con... | Set Status |
| V-257514 | OpenShift must enforce network policy on the names... | CAT II | Red Hat OpenShift Container Pl... | Set Status |
| V-257517 | OpenShift must generate audit records for all DOD-... | CAT II | Red Hat OpenShift Container Pl... | Set Status |
| V-257524 | OpenShift components must provide the ability to s... | CAT II | Red Hat OpenShift Container Pl... | Set Status |
| V-257539 | OpenShift runtime must enforce ports, protocols, a... | CAT II | Red Hat OpenShift Container Pl... | Set Status |
| V-257559 | OpenShift must configure Alert Manger Receivers to... | CAT II | Red Hat OpenShift Container Pl... | Set Status |
| V-257564 | OpenShift keystore must implement encryption to pr... | CAT II | Red Hat OpenShift Container Pl... | Set Status |
| V-258394 | Google Android 14 must be configured to disable mu... | CAT II | Google Android 14 COBO Securit... | Set Status |
| V-258425 | Google Android 14 must be configured to disable ex... | CAT II | Google Android 14 COPE Securit... | Set Status |
| V-258426 | Google Android 14 must be configured to disable mu... | CAT II | Google Android 14 COPE Securit... | Set Status |
| V-258432 | The Google Android 14 work profile must be configu... | CAT II | Google Android 14 COPE Securit... | Set Status |
| V-258434 | Google Android 14 must be provisioned as a fully m... | CAT II | Google Android 14 COPE Securit... | Set Status |
| V-258435 | The Google Android 14 work profile must be configu... | CAT II | Google Android 14 COPE Securit... | Set Status |
| V-258612 | The ICS must be configured to support organization... | CAT II | Ivanti Connect Secure NDM Secu... | Set Status |
| V-258909 | The vCenter Server must uniquely identify and auth... | CAT II | VMware vSphere 8.0 vCenter Sec... | Set Status |
| V-258910 | The vCenter Server must require multifactor authen... | CAT II | VMware vSphere 8.0 vCenter Sec... | Set Status |
| V-258919 | The vCenter Server must enable revocation checking... | CAT II | VMware vSphere 8.0 vCenter Sec... | Set Status |
| V-258941 | The vCenter Server must not configure all port gro... | CAT II | VMware vSphere 8.0 vCenter Sec... | Set Status |
| V-258995 | The vCenter STS service example applications must ... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-258996 | The vCenter STS service default ROOT web applicati... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-258997 | The vCenter STS service default documentation must... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259029 | The vCenter ESX Agent Manager service example appl... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259030 | The vCenter ESX Agent Manager service default ROOT... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259031 | The vCenter ESX Agent Manager service default docu... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259063 | The vCenter Lookup service example applications mu... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259064 | The vCenter Lookup service default ROOT web applic... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259065 | The vCenter Lookup service default documentation m... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259097 | The vCenter Perfcharts service example application... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259098 | The vCenter Perfcharts service default documentati... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259130 | The vCenter UI service example applications must b... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259131 | The vCenter UI service default ROOT web applicatio... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259132 | The vCenter UI service default documentation must ... | CAT II | VMware vSphere 8.0 vCenter App... | Set Status |
| V-259338 | The "Manage auditing and security log" user right ... | CAT II | Microsoft Windows Server Domai... | Set Status |
| V-259394 | The Windows DNS Server must only contain zone reco... | CAT II | Microsoft Windows Server Domai... | Set Status |
| V-259414 | The private keys corresponding to both the zone si... | CAT II | Microsoft Windows Server Domai... | Set Status |
| V-259592 | Exchange queue database must reside on a dedicated... | CAT II | Microsoft Exchange 2019 Edge S... | Set Status |
| V-259630 | Exchange must limit the Receive connector timeout. | CAT II | Microsoft Exchange 2019 Edge S... | Set Status |
| V-259633 | The Exchange software baseline copy must exist. | CAT II | Microsoft Exchange 2019 Edge S... | Set Status |
| V-259877 | For Impact Levels 4 and 5, the Mission Owner must ... | CAT II | Cloud Computing Mission Owner ... | Set Status |
| V-259880 | The Infrastructure as a Service (IaaS)/Platform as... | CAT II | Cloud Computing Mission Owner ... | Set Status |
| V-259883 | The Mission owner must obtain Authorizing Official... | CAT II | Cloud Computing Mission Owner ... | Set Status |
| V-259884 | The Mission Owner must select and configure an Imp... | CAT II | Cloud Computing Mission Owner ... | Set Status |
| V-259892 | An IP-based VTC system implementing a single CODEC... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259895 | IP-based VTC systems implementing a single CODEC t... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259896 | The A/B, A/B/C, or A/B/C/D switch within an IP-bas... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259897 | An IP-based VTC system implementing a single CODEC... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259901 | The implementation of an IP-based VTC system that ... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259907 | Implementing Unified Capabilities (UC) soft client... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259909 | A Call Center or Computer Telephony Integration (C... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259910 | The local Enterprise Voice, Video, and Messaging s... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259911 | The LAN hardware supporting VVoIP services must pr... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259912 | The LAN hardware supporting VVoIP services must pr... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259915 | The enclave must be dual homed to two geographical... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259916 | The dual homed DISN core access circuits must be i... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259917 | The required dual homed DISN Core or NIPRNet acces... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259919 | Enclaves with commercial VoIP connections must be ... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-259948 | The Enterprise Voice, Video, and Messaging Endpoin... | CAT II | Enterprise Voice, Video, and M... | Set Status |
| V-260152 | Google Android 14 must be configured to disable ex... | CAT II | Google Android 14 MDFPP 3.3 BY... | Set Status |
| V-260163 | The Google Android 14 work profile must be configu... | CAT II | Google Android 14 MDFPP 3.3 BY... | Set Status |
| V-260165 | Google Android 14 must be provisioned as a BYOAD d... | CAT II | Google Android 14 MDFPP 3.3 BY... | Set Status |
| V-260166 | The Google Android 14 work profile must be configu... | CAT II | Google Android 14 MDFPP 3.3 BY... | Set Status |
| V-260557 | Ubuntu 22.04 LTS must be configured to use AppArmo... | CAT II | Canonical Ubuntu 22.04 LTS Sec... | Set Status |
| V-260937 | The default seccomp profile must not be disabled. | CAT II | Mirantis Kubernetes Engine Sec... | Set Status |
| V-261357 | SLEM 5 must not have unnecessary accounts. | CAT II | SUSE Linux Enterprise Micro (S... | Set Status |
| V-261860 | PostgreSQL must protect against a user falsely rep... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261861 | PostgreSQL must provide audit record generation ca... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261862 | PostgreSQL must allow only the information system ... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261863 | PostgreSQL must be able to generate audit records ... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261869 | PostgreSQL must produce audit records containing s... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261870 | PostgreSQL must produce audit records containing s... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261872 | PostgreSQL must include additional, more detailed,... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261874 | PostgreSQL must be configurable to overwrite audit... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261875 | The audit information produced by PostgreSQL must ... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261884 | Database objects (including but not limited to tab... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261890 | PostgreSQL must uniquely identify and authenticate... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261893 | PostgreSQL, when using PKI-based authentication, m... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261897 | PostgreSQL must uniquely identify and authenticate... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261898 | PostgreSQL must separate user functionality (inclu... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261900 | PostgreSQL must maintain the authenticity of commu... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261902 | PostgreSQL must isolate security functions from no... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261905 | PostgreSQL must check the validity of all data inp... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261907 | PostgreSQL and associated applications, when makin... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261909 | PostgreSQL must reveal detailed error messages onl... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261910 | PostgreSQL must automatically terminate a user ses... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261911 | PostgreSQL must associate organization-defined typ... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261913 | PostgreSQL must associate organization-defined typ... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261914 | PostgreSQL must enforce discretionary access contr... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261915 | PostgreSQL must prevent nonprivileged users from e... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261916 | Execution of software modules (to include stored p... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261929 | PostgreSQL must only accept end entity certificate... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261930 | PostgreSQL must implement cryptographic mechanisms... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261931 | PostgreSQL must implement cryptographic mechanisms... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261934 | When invalid inputs are received, PostgreSQL must ... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261938 | PostgreSQL must be able to generate audit records ... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261940 | PostgreSQL must generate audit records when catego... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261942 | PostgreSQL must generate audit records when privil... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261944 | PostgreSQL must generate audit records when privil... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261946 | PostgreSQL must generate audit records when securi... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261948 | PostgreSQL must generate audit records when catego... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261950 | PostgreSQL must generate audit records when privil... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261952 | PostgreSQL must generate audit records when securi... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261954 | PostgreSQL must generate audit records when catego... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261955 | PostgreSQL must generate audit records when unsucc... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261958 | PostgreSQL must generate audit records for all pri... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261959 | PostgreSQL must generate audit records when unsucc... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261964 | PostgreSQL must generate audit records for all dir... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261965 | PostgreSQL must implement NIST FIPS 140-2 or 140-3... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-261966 | PostgreSQL must implement NIST FIPS 140-2 or 140-3... | CAT II | Crunchy Data Postgres 16 Secur... | Set Status |
| V-265350 | The NSX Manager must be configured to conduct back... | CAT II | VMware NSX 4.x Manager NDM Sec... | Set Status |
| V-265634 | The application must implement NSA-approved crypto... | CAT II | Application Security and Devel... | Set Status |
| V-265907 | MongoDB must provide audit record generation for D... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265913 | Database objects (including but not limited to tab... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265925 | MongoDB must maintain the authenticity of communic... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265929 | MongoDB must check the validity of all data inputs... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265933 | The DBMS must automatically terminate a user sessi... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265934 | MongoDB must associate organization-defined types ... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265935 | MongoDB must enforce discretionary access control ... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265936 | MongoDB must prevent nonprivileged users from exec... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265941 | MongoDB must prohibit user installation of logic m... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265947 | MongoDB must implement cryptographic mechanisms to... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265950 | When invalid inputs are received, MongoDB must beh... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265951 | When updates are applied to MongoDB software, any ... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265953 | MongoDB must off-load audit data to a separate log... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265954 | MongoDB must be configured in accordance with the ... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-265973 | MongoDB must limit the total number of concurrent ... | CAT II | MongoDB Enterprise Advanced 7.... | Set Status |
| V-266096 | The F5 BIG-IP appliance must conduct backups of th... | CAT II | F5 BIG-IP TMOS NDM Security Te... | Set Status |
| V-266147 | The F5 BIG-IP appliance that provides intermediary... | CAT II | F5 BIG-IP TMOS ALG Security Te... | Set Status |
| V-266148 | The F5 BIG-IP appliance that intermediary services... | CAT II | F5 BIG-IP TMOS ALG Security Te... | Set Status |
| V-266149 | The F5 BIG-IP appliance that provides intermediary... | CAT II | F5 BIG-IP TMOS ALG Security Te... | Set Status |
| V-266158 | The F5 BIG-IP appliance must check the validity of... | CAT II | F5 BIG-IP TMOS ALG Security Te... | Set Status |
| V-266254 | The F5 BIG-IP appliance that filters traffic from ... | CAT II | F5 BIG-IP TMOS Firewall Securi... | Set Status |
| V-266256 | The F5 BIG-IP appliance must generate traffic log ... | CAT II | F5 BIG-IP TMOS Firewall Securi... | Set Status |
| V-266972 | AOS must support organizational requirements to co... | CAT II | HPE Aruba Networking AOS NDM S... | Set Status |
| V-267448 | Google Android 15 must be configured to disable mu... | CAT II | Google Android 15 COBO Securit... | Set Status |
| V-267456 | The Google Android 15 work profile must be configu... | CAT II | Google Android 15 COBO Securit... | Set Status |
| V-267543 | Google Android 15 must be configured to disable ex... | CAT II | Google Android 15 COPE Securit... | Set Status |
| V-267544 | Google Android 15 must be configured to disable mu... | CAT II | Google Android 15 COPE Securit... | Set Status |
| V-267551 | The Google Android 15 work profile must be configu... | CAT II | Google Android 15 COPE Securit... | Set Status |
| V-267553 | Google Android 15 must be provisioned as a fully m... | CAT II | Google Android 15 COPE Securit... | Set Status |
| V-267554 | The Google Android 15 work profile must be configu... | CAT II | Google Android 15 COPE Securit... | Set Status |
| V-268252 | The HYCU virtual appliance must support organizati... | CAT II | HYCU Protege Security Technica... | Set Status |
| V-268253 | The HYCU virtual appliance must off-load audit rec... | CAT II | HYCU Protege Security Technica... | Set Status |
| V-269780 | The Dell OS10 Switch must implement replay-resista... | CAT II | Dell OS10 Switch NDM Security ... | Set Status |
| V-269793 | The Dell OS10 Switch must be configured to authent... | CAT II | Dell OS10 Switch NDM Security ... | Set Status |
| V-270055 | Zebra Android 13 must be configured to disable exc... | CAT II | Zebra Android 13 COBO Security... | Set Status |
| V-270056 | Zebra Android 13 must be configured to disable mul... | CAT II | Zebra Android 13 COBO Security... | Set Status |
| V-270065 | The Zebra Android 13 work profile must be configur... | CAT II | Zebra Android 13 COBO Security... | Set Status |
| V-270150 | Zebra Android 13 must be configured to disable exc... | CAT II | Zebra Android 13 COPE Security... | Set Status |
| V-270151 | Zebra Android 13 must be configured to disable mul... | CAT II | Zebra Android 13 COPE Security... | Set Status |
| V-270161 | The Zebra Android 13 work profile must be configur... | CAT II | Zebra Android 13 COPE Security... | Set Status |
| V-270163 | Zebra Android 13 must be provisioned as a fully ma... | CAT II | Zebra Android 13 COPE Security... | Set Status |
| V-270164 | The Zebra Android 13 work profile must be configur... | CAT II | Zebra Android 13 COPE Security... | Set Status |
| V-270497 | Oracle Database must automatically terminate a use... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270498 | Oracle Database must associate organization-define... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270502 | Oracle Database must provide audit record generati... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270503 | Oracle Database must allow designated organization... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270505 | Oracle Database must include organization-defined ... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270507 | Oracle Database must off-load audit data to a sepa... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270510 | The audit information produced by the Oracle Datab... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270512 | Oracle Database must support enforcement of logica... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270515 | The OS must limit privileges to change the databas... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270518 | Database objects must be owned by accounts authori... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270520 | Oracle Database must be configured in accordance w... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270527 | System privileges granted using the WITH ADMIN OPT... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270529 | Oracle roles granted using the WITH ADMIN OPTION m... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270536 | Oracle Database production application and data di... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270537 | Use of the Oracle Database installation account mu... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270539 | Network access to Oracle Database must be restrict... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270546 | Oracle Database must provide a mechanism to automa... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270548 | Oracle Database must be protected from unauthorize... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270552 | Oracle Database default demonstration and sample d... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270553 | Unused database components, database management sy... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270554 | Unused database components that are integrated in ... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270557 | Access to external executables must be disabled or... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270572 | Oracle Database must separate user functionality (... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270573 | Oracle Database must preserve any organization-def... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270575 | Oracle Database must implement cryptographic mecha... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270582 | The database management system (DBMS) and associat... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270584 | Oracle Database must restrict error messages so on... | CAT II | Oracle Database 19c Security T... | Set Status |
| V-270659 | Ubuntu 24.04 LTS must have AppArmor installed. | CAT II | Canonical Ubuntu 24.04 LTS Sec... | Set Status |
| V-270660 | Ubuntu 24.04 LTS must be configured to use AppArmo... | CAT II | Canonical Ubuntu 24.04 LTS Sec... | Set Status |
| V-270978 | Dragos must use FIPS-validated encryption and hash... | CAT II | Dragos Platform 2.x Security T... | Set Status |
| V-271121 | SQL Server must protect against a user falsely rep... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271122 | SQL Server must protect against a user falsely rep... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271124 | SQL Server must allow only the information system ... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271143 | SQL Server must limit privileges to change softwar... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271146 | Database objects (including but not limited to tab... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271147 | The role(s)/group(s) used to modify database struc... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271168 | In the event of a system failure, hardware loss or... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271169 | The Database Master Key encryption password must m... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271172 | SQL Server must isolate security functions from no... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271176 | SQL Server must check the validity of all data inp... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271186 | SQL Server must enforce discretionary access contr... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271188 | Execution of stored procedures and functions that ... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-271263 | SQL Server must limit the number of concurrent ses... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271269 | SQL Server must protect against a user falsely rep... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271270 | SQL Server must be configured to generate audit re... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271271 | SQL Server must allow only the information system ... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271272 | SQL Server must generate audit records when attemp... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271280 | SQL Server must include additional, more detailed,... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271283 | SQL Server must protect its audit configuration fr... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271284 | SQL Server must limit privileges to change softwar... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271285 | SQL Server must limit privileges to change softwar... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271290 | Default demonstration and sample databases, databa... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271291 | Unused database components, DBMS software, and dat... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271292 | The SQL Server Replication Xps feature must be dis... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271293 | The SQL Server External Scripts Enabled feature mu... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271295 | The remote Data Archive feature must be disabled u... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271296 | The "Allow Polybase Export" feature must be disabl... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271297 | The "Hadoop Connectivity" feature must be disabled... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271298 | The "Remote Access" feature must be disabled unles... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271299 | Access to linked servers must be disabled or restr... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271300 | Access to nonstandard, extended stored procedures ... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271301 | Access to common language runtime (CLR) code must ... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271302 | Access to xp_cmdshell must be disabled unless spec... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271303 | SQL Server must be configured to prohibit or restr... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271305 | SQL Server must uniquely identify and authenticate... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271327 | SQL Server must prevent unauthorized and unintende... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271328 | SQL Server must prevent unauthorized and unintende... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271332 | SQL Server and associated applications, when makin... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271334 | SQL Server must reveal detailed error messages onl... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271341 | SQL Server must prevent nonprivileged users from e... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271342 | Use of credentials and proxies must be restricted ... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271343 | SQL Server must allocate audit record storage capa... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271349 | Windows must enforce access restrictions associate... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271350 | SQL Server must enforce access restrictions associ... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271358 | SQL Server services must be configured to run unde... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271359 | SQL Server must maintain a separate execution doma... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271362 | When invalid inputs are received, the SQL Server m... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271381 | SQL Server must generate audit records for all dir... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271385 | The system SQL Server must off-load audit data to ... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271388 | SQL Server must configure SQL Server Usage and Err... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271389 | SQL Server must configure Customer Feedback and Er... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-271921 | The Cisco ACI must conduct backups of the configur... | CAT II | Cisco ACI NDM Security Technic... | Set Status |
| V-272062 | The BGP Cisco ACI must be configured to reject inb... | CAT II | Cisco ACI Router Security Tech... | Set Status |
| V-272063 | The BGP Cisco ACI must be configured to reject out... | CAT II | Cisco ACI Router Security Tech... | Set Status |
| V-272104 | The Cisco ACI must be configured to protect agains... | CAT II | Cisco ACI Router Security Tech... | Set Status |
| V-272642 | All associated custom applications, including API ... | CAT II | Arctic Wolf CylanceON-PREM Sec... | Set Status |
| V-273995 | Amazon Linux 2023 must ensure cryptographic verifi... | CAT II | Amazon Linux 2023 Security Tec... | Set Status |
| V-274309 | Honeywell Android 13 must be configured to disable... | CAT II | Honeywell Android 13 COBO Secu... | Set Status |
| V-274321 | The Honeywell Android 13 work profile must be conf... | CAT II | Honeywell Android 13 COBO Secu... | Set Status |
| V-274404 | Honeywell Android 13 must be configured to disable... | CAT II | Honeywell Android 13 COPE Secu... | Set Status |
| V-274405 | Honeywell Android 13 must be configured to disable... | CAT II | Honeywell Android 13 COPE Secu... | Set Status |
| V-274417 | The Honeywell Android 13 work profile must be conf... | CAT II | Honeywell Android 13 COPE Secu... | Set Status |
| V-274419 | Honeywell Android 13 must be provisioned as a full... | CAT II | Honeywell Android 13 COPE Secu... | Set Status |
| V-274420 | The Honeywell Android 13 work profile must be conf... | CAT II | Honeywell Android 13 COPE Secu... | Set Status |
| V-274446 | Execution of startup stored procedures must be res... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-274449 | SQL Server execute permissions to access the regis... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-274450 | Filestream must be disabled unless specifically re... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-274451 | The Ole Automation Procedures feature must be disa... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-274452 | The SQL Server User Options feature must be disabl... | CAT II | Microsoft SQL Server 2022 Inst... | Set Status |
| V-274507 | The API must be configured to use approved authori... | CAT II | Application Programming Interf... | Set Status |
| V-274529 | The API Gateway must audit exceptions and errors t... | CAT II | Application Programming Interf... | Set Status |
| V-274530 | The API must audit exceptions and errors that occu... | CAT II | Application Programming Interf... | Set Status |
| V-274531 | The API Gateway must audit execution time and perf... | CAT II | Application Programming Interf... | Set Status |
| V-274532 | The API must audit execution time and performance ... | CAT II | Application Programming Interf... | Set Status |
| V-274533 | The API Gateway must audit request and response de... | CAT II | Application Programming Interf... | Set Status |
| V-274534 | The API must audit request and response details (s... | CAT II | Application Programming Interf... | Set Status |
| V-274537 | All defined API elements must be documented. | CAT II | Application Programming Interf... | Set Status |
| V-274557 | The API must limit the exposure of endpoints. | CAT II | Application Programming Interf... | Set Status |
| V-274559 | The API must use an approved DOD enterprise identi... | CAT II | Application Programming Interf... | Set Status |
| V-274600 | The API must protect Session IDs via encryption. | CAT II | Application Programming Interf... | Set Status |
| V-274603 | The API keys must be securely generated using a FI... | CAT II | Application Programming Interf... | Set Status |
| V-274612 | The API must employ throttling. | CAT II | Application Programming Interf... | Set Status |
| V-274615 | The API must not disclose sensitive data in error ... | CAT II | Application Programming Interf... | Set Status |
| V-274679 | The API's internal authorization tokens must not b... | CAT II | Application Programming Interf... | Set Status |
| V-274682 | The API must enforce per-client rate limits. | CAT II | Application Programming Interf... | Set Status |
| V-274715 | The API must provide input validation. | CAT II | Application Programming Interf... | Set Status |
| V-274785 | API services identified within the system as unnec... | CAT II | Application Programming Interf... | Set Status |
| V-274835 | API must use a circuit breaker pattern to handle f... | CAT II | Application Programming Interf... | Set Status |
| V-274839 | Cryptographic keys that protect access tokens must... | CAT II | Application Programming Interf... | Set Status |
| V-274840 | The API must protect the private keys used to sign... | CAT II | Application Programming Interf... | Set Status |
| V-274841 | Generating assertions must be restricted. | CAT II | Application Programming Interf... | Set Status |
| V-274842 | The API must issue assertions in accordance with o... | CAT II | Application Programming Interf... | Set Status |
| V-274844 | The API must revoke assertions in accordance with ... | CAT II | Application Programming Interf... | Set Status |
| V-274845 | The API must time-restrict assertions in accordanc... | CAT II | Application Programming Interf... | Set Status |
| V-274846 | The API must audience-restrict assertions in accor... | CAT II | Application Programming Interf... | Set Status |
| V-274848 | The API must issue access tokens in accordance wit... | CAT II | Application Programming Interf... | Set Status |
| V-274849 | The API must refresh access tokens in accordance w... | CAT II | Application Programming Interf... | Set Status |
| V-274850 | The API must revoke access tokens in accordance wi... | CAT II | Application Programming Interf... | Set Status |
| V-275462 | The Riverbed NetIM must support organizational req... | CAT II | Riverbed NetIM NDM Security Te... | Set Status |
| V-275646 | Ubuntu OS must be configured to use AppArmor. | CAT II | Riverbed NetIM OS Security Tec... | Set Status |
| V-276197 | DOD Apple iOS/iPadOS 18 devices must disable eSIM ... | CAT II | Apple iOS/iPadOS 18 Security T... | Set Status |
| V-276227 | Database objects must be owned by Azure SQL Manage... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276228 | The role(s)/group(s) used to modify database struc... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276230 | Azure SQL Managed Instance and associated applicat... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276232 | Azure SQL Managed Instance must enforce discretion... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276233 | Azure SQL Managed Instance must restrict execution... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276234 | Azure SQL Managed Instance must prohibit user inst... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276235 | Azure SQL Managed Instance must enforce access res... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276237 | Azure SQL Managed Instance must implement cryptogr... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276238 | Azure SQL Managed Instance must implement cryptogr... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276239 | When invalid inputs are received, the Azure SQL Ma... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276240 | Azure SQL Managed Instance must protect against a ... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276241 | Azure SQL Managed Instance must protect against a ... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276244 | Azure SQL Managed Instance default demonstration a... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276245 | The Azure SQL Managed Instance audit storage accou... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276246 | The Azure SQL Managed Instance must be configured ... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276249 | Azure SQL Managed Instance must uniquely identify ... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276256 | Azure SQL Managed Instance must include additional... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276260 | Azure SQL Managed Instance must generate audit rec... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276264 | Azure SQL Managed Instance must generate audit rec... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276265 | Azure SQL Managed Instance must store audit record... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276267 | Azure SQL Managed Instance must implement the capa... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276269 | Azure SQL Managed Instance must prevent the instal... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276276 | Azure SQL Server Managed Instance must, for passwo... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276285 | Azure SQL Managed Instance must limit privileges t... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276286 | Azure SQL Managed Instance must limit privileges t... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276287 | The database master key (DMK) encryption password ... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276291 | Azure SQL Managed Instance must check the validity... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276294 | Azure SQL Managed Instance must protect against a ... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276295 | Azure SQL Managed Instance must be configured to g... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276296 | Azure SQL Managed Instance must allow only documen... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276299 | Azure SQL Managed Instance must protect its audit ... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276300 | Access to xp_cmdshell must be disabled for Azure S... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276301 | Access to CLR code must be disabled for Azure SQL ... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276302 | Access to linked servers must be disabled or restr... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276304 | Azure SQL Server Managed Instance contained databa... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276307 | Azure SQL Managed Instance must prevent nonprivile... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276308 | Azure SQL Managed Instance must enforce access res... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276309 | Azure Resource Manager must enforce access restric... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276311 | Azure SQL Managed Instance must maintain a separat... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276319 | The Allow Filesystem Enumeration feature must be d... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276320 | The CLR Strict Security feature must be enabled fo... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276321 | The Hadoop Connectivity feature must be disabled f... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276322 | Azure SQL Server Managed Instance Replication Xps ... | CAT II | Microsoft Azure SQL Managed In... | Set Status |
| V-276632 | Samsung Android must be enrolled as a COBO device. | CAT II | Samsung Android 16 COBO Securi... | Set Status |
| V-276646 | Samsung Android's Work profile must be configured ... | CAT II | Samsung Android 16 COPE Securi... | Set Status |
| V-276739 | Samsung Android must be enrolled as a COPE device. | CAT II | Samsung Android 16 COPE Securi... | Set Status |
| V-276766 | Google Android 16 must be configured to disable mu... | CAT II | Google Android 16 COBO Securit... | Set Status |
| V-276774 | The Google Android 16 work profile must be configu... | CAT II | Google Android 16 COBO Securit... | Set Status |
| V-276868 | Google Android 16 must be configured to disable ex... | CAT II | Google Android 16 COPE Securit... | Set Status |
| V-276869 | Google Android 16 must be configured to disable mu... | CAT II | Google Android 16 COPE Securit... | Set Status |
| V-276876 | The Google Android 16 work profile must be configu... | CAT II | Google Android 16 COPE Securit... | Set Status |
| V-276878 | Google Android 16 must be provisioned as a fully m... | CAT II | Google Android 16 COPE Securit... | Set Status |
| V-276879 | The Google Android 16 work profile must be configu... | CAT II | Google Android 16 COPE Securit... | Set Status |
| V-277982 | Windows Server 2025 must install security-relevant... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-277991 | Windows Server 2025 shared user accounts must not ... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278017 | Windows Server 2025 must not have Wi-Fi enabled un... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278018 | Windows Server 2025 must not have Bluetooth enable... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278145 | Windows Server 2025 must use separate, NSA-approve... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278165 | The Windows Server 2025 "Access this computer from... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278183 | Windows Server 2025 "Access this computer from the... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278192 | Windows Server 2025 must have the DOD Root Certifi... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278243 | The Windows Server 2025 "Allow log on locally" use... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278244 | The Windows Server 2025 "Back up files and directo... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278247 | The Windows Server 2025 "Create global objects" us... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278252 | The Windows Server 2025 "Generate security audits"... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278253 | The Windows Server 2025 "Impersonate a client afte... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278254 | The Windows Server 2025 "Increase scheduling prior... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278256 | The Windows Server 2025 "Lock pages in memory" use... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278257 | The Windows Server 2025 "Manage auditing and secur... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278261 | The Windows Server 2025 "Restore files and directo... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278262 | The Windows Server 2025 "Take ownership of files o... | CAT II | Microsoft Windows Server 2025 ... | Set Status |
| V-278400 | NGINX must accept Personal Identity Verification (... | CAT II | F5 NGINX Security Technical Im... | Set Status |
| V-279038 | Before installing or upgrading ColdFusion, the int... | CAT II | Adobe ColdFusion Security Tech... | Set Status |
| V-279056 | Web services using Simple Object Access Protocol (... | CAT II | Adobe ColdFusion Security Tech... | Set Status |
| V-279081 | ColdFusion must limit the maximum number of Web Se... | CAT II | Adobe ColdFusion Security Tech... | Set Status |
| V-279082 | ColdFusion must limit the maximum number of ColdFu... | CAT II | Adobe ColdFusion Security Tech... | Set Status |
| V-279100 | ColdFusion must be set to automatically check for ... | CAT II | Adobe ColdFusion Security Tech... | Set Status |
| V-279101 | ColdFusion must have notifications enabled when a ... | CAT II | Adobe ColdFusion Security Tech... | Set Status |
| V-279334 | MongoDB must provide audit record generation for D... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279341 | MongoDB database objects (including but not limite... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279358 | MongoDB must maintain the authenticity of communic... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279365 | MongoDB must check the validity of all data inputs... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279371 | MongoDB must associate organization-defined types ... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279372 | MongoDB must enforce Discretionary Access Control ... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279373 | MongoDB must prevent nonprivileged users from exec... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279380 | MongoDB must prohibit user installation of logic m... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279383 | MongoDB must require users to reauthenticate when ... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279390 | When invalid inputs are received, MongoDB must beh... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279391 | When updates are applied to MongoDB software, any ... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279394 | MongoDB must off-load audit data to a separate log... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279395 | MongoDB must be configured in accordance with the ... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279398 | MongoDB must prevent the installation of organizat... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-279399 | MongoDB must require users to be individually auth... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-282943 | MongoDB must be configured to restrict the use of ... | CAT II | MongoDB Enterprise Advanced 8.... | Set Status |
| V-283090 | The HPE Alletra Storage ArcusOS device must utiliz... | CAT II | HPE Alletra Storage ArcusOS We... | Set Status |
| V-283533 | Zebra Android 14 must be configured to disable mul... | CAT II | Zebra Technologies Android 14 ... | Set Status |
| V-283635 | Zebra Android 14 must be configured to disable exc... | CAT II | Zebra Technologies Android 14 ... | Set Status |
| V-283636 | Zebra Android 14 must be configured to disable mul... | CAT II | Zebra Technologies Android 14 ... | Set Status |
| V-283646 | The Zebra Android 14 work profile must be configur... | CAT II | Zebra Technologies Android 14 ... | Set Status |
| V-283648 | Zebra Android 14 must be provisioned as a fully ma... | CAT II | Zebra Technologies Android 14 ... | Set Status |
| V-283649 | The Zebra Android 14 work profile must be configur... | CAT II | Zebra Technologies Android 14 ... | Set Status |
| V-283667 | SQL Server must protect against a user falsely rep... | CAT II | Microsoft SQL Server 2022 Data... | Set Status |
| V-64979 | The DataPower Gateway must enforce approved author... | CAT II | IBM DataPower ALG Security Tec... | Set Status |
| V-65201 | The DataPower Gateway providing intermediary servi... | CAT II | IBM DataPower ALG Security Tec... | Set Status |
| V-65203 | The DataPower Gateway that stores secret or privat... | CAT II | IBM DataPower ALG Security Tec... | Set Status |
| V-65207 | The DataPower Gateway providing intermediary servi... | CAT II | IBM DataPower ALG Security Tec... | Set Status |
| V-79011 | The firewall protecting the BlackBerry Enterprise ... | CAT II | BlackBerry Enterprise Mobility... | Set Status |
| V-82189 | The firewall protecting the MaaS360 server platfor... | CAT II | IBM MaaS360 with Watson v10.x ... | Set Status |
| V-91825 | The firewall protecting the MDM server platform mu... | CAT II | MobileIron Core v10.x MDM Secu... | Set Status |
| xccdf_mil.disa.stig_group_V-218796 | The accounts created by uninstalled features (i.e.... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| xccdf_mil.disa.stig_group_V-218806 | The IIS 10.0 web server must augment re-creation t... | CAT II | Microsoft IIS 10.0 Server Secu... | Set Status |
| xccdf_mil.disa.stig_group_V-225227 | CAS and policy configuration files must be backed ... | CAT II | Microsoft DotNet Framework 4.0... | Set Status |
| xccdf_mil.disa.stig_group_V-225231 | .NET must be configured to validate strong names o... | CAT II | Microsoft DotNet Framework 4.0... | Set Status |
| xccdf_mil.disa.stig_group_V-254244 | Windows Server 2022 shared user accounts must not ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| xccdf_mil.disa.stig_group_V-254433 | Windows Server 2022 must restrict remote calls to ... | CAT II | Microsoft Windows Server 2022 ... | Set Status |
| V-206449 | The Central Log Server must be configured to aggre... | CAT III | Central Log Server Security Re... | Set Status |
| V-206459 | The Central Log Server system backups must be reta... | CAT III | Central Log Server Security Re... | Set Status |
| V-213903 | SQL Server must protect against a user falsely rep... | CAT III | MS SQL Server 2016 Database Se... | Set Status |
| V-213914 | SQL Server must isolate security functions from no... | CAT III | MS SQL Server 2016 Database Se... | Set Status |
| V-213921 | SQL Server must enforce discretionary access contr... | CAT III | MS SQL Server 2016 Database Se... | Set Status |
| V-216217 | System BIOS or system controllers supporting passw... | CAT III | Solaris 11 X86 Security Techni... | Set Status |
| V-220339 | MarkLogic Server must limit the number of concurre... | CAT III | MarkLogic Server v9 Security T... | Set Status |
| V-220417 | MarkLogic Server must off-load audit data to a sep... | CAT III | MarkLogic Server v9 Security T... | Set Status |
| V-222410 | The application must have a process, feature or fu... | CAT III | Application Security and Devel... | Set Status |
| V-222411 | The application must automatically disable account... | CAT III | Application Security and Devel... | Set Status |
| V-222417 | The application must notify system administrators ... | CAT III | Application Security and Devel... | Set Status |
| V-222418 | The application must notify system administrators ... | CAT III | Application Security and Devel... | Set Status |
| V-222419 | The application must notify system administrators ... | CAT III | Application Security and Devel... | Set Status |
| V-222420 | The application must notify system administrators ... | CAT III | Application Security and Devel... | Set Status |
| V-222422 | The application must notify system administrators ... | CAT III | Application Security and Devel... | Set Status |
| V-222437 | The application must display the time and date of ... | CAT III | Application Security and Devel... | Set Status |
| V-222617 | The application must notify the ISSO and ISSM of f... | CAT III | Application Security and Devel... | Set Status |
| V-222647 | Test procedures must be created and at least annua... | CAT III | Application Security and Devel... | Set Status |
| V-222653 | The application development team must follow a set... | CAT III | Application Security and Devel... | Set Status |
| V-222654 | The designer must create and update the Design Doc... | CAT III | Application Security and Devel... | Set Status |
| V-222672 | The application must generate audit records when c... | CAT III | Application Security and Devel... | Set Status |
| V-222958 | Example applications must be removed. | CAT III | Apache Tomcat Application Serv... | Set Status |
| V-222959 | Tomcat default ROOT web application must be remove... | CAT III | Apache Tomcat Application Serv... | Set Status |
| V-222960 | Documentation must be removed. | CAT III | Apache Tomcat Application Serv... | Set Status |
| V-223007 | Hosted applications must be documented in the syst... | CAT III | Apache Tomcat Application Serv... | Set Status |
| V-223008 | Connectors must be approved by the ISSO. | CAT III | Apache Tomcat Application Serv... | Set Status |
| V-223009 | Connector address attribute must be set. | CAT III | Apache Tomcat Application Serv... | Set Status |
| V-223235 | The Juniper SRX Services Gateway must implement se... | CAT III | Juniper SRX Services Gateway N... | Set Status |
| V-223425 | The number of ACF2 users granted the special privi... | CAT III | IBM z/OS ACF2 Security Technic... | Set Status |
| V-223488 | ACF2 APPLDEF GSO record if used must have supporti... | CAT III | IBM z/OS ACF2 Security Technic... | Set Status |
| V-225648 | The [selection: Samsung SDS EMM, MDM platform] mus... | CAT III | Samsung SDS EMM Security Techn... | Set Status |
| V-230949 | Forescout must prevent the installation of patches... | CAT III | Forescout Network Device Manag... | Set Status |
| V-233149 | Access to the container platform must display an e... | CAT III | Container Platform Security Re... | Set Status |
| V-233536 | PostgreSQL must be configurable to overwrite audit... | CAT III | Crunchy Data PostgreSQL Securi... | Set Status |
| V-235719 | User control of proxy settings must be disabled. | CAT III | Microsoft Edge Security Techni... | Set Status |
| V-241819 | The System Administrator (SA) and Information Syst... | CAT III | Central Log Server Security Re... | Set Status |
| V-243211 | WLAN signals must not be intercepted outside areas... | CAT III | Network WLAN AP-IG Platform Se... | Set Status |
| V-243223 | WLAN signals must not be intercepted outside areas... | CAT III | Network WLAN AP-NIPR Platform ... | Set Status |
| V-243488 | User accounts with delegated authority must be rem... | CAT III | Active Directory Domain Securi... | Set Status |
| V-243494 | Each cross-directory authentication configuration ... | CAT III | Active Directory Domain Securi... | Set Status |
| V-243499 | Active Directory implementation information must b... | CAT III | Active Directory Domain Securi... | Set Status |
| V-243501 | The impact of CPCON changes on the cross-directory... | CAT III | Active Directory Domain Securi... | Set Status |
| V-245724 | COMSEC Account Management - Program Management and... | CAT III | Traditional Security Checklist | Set Status |
| V-245738 | Protected Distribution System (PDS) Documentation ... | CAT III | Traditional Security Checklist | Set Status |
| V-245739 | Protected Distribution System (PDS) Documentation ... | CAT III | Traditional Security Checklist | Set Status |
| V-245743 | Protected Distribution System (PDS) Monitoring - I... | CAT III | Traditional Security Checklist | Set Status |
| V-245746 | Environmental IA Controls - Emergency Lighting and... | CAT III | Traditional Security Checklist | Set Status |
| V-245752 | Environmental IA Controls - Fire Inspections/Discr... | CAT III | Traditional Security Checklist | Set Status |
| V-245758 | Foreign National System Access - Local Access Cont... | CAT III | Traditional Security Checklist | Set Status |
| V-245766 | Foreign National (FN) Physical Access Control - (I... | CAT III | Traditional Security Checklist | Set Status |
| V-245770 | Foreign National (FN) Administrative Controls - Co... | CAT III | Traditional Security Checklist | Set Status |
| V-245773 | Information Assurance - COOP Plan or Testing (Inco... | CAT III | Traditional Security Checklist | Set Status |
| V-245784 | Information Assurance - Authorizing Official (AO) ... | CAT III | Traditional Security Checklist | Set Status |
| V-245839 | Destruction of Classified and Unclassified Documen... | CAT III | Traditional Security Checklist | Set Status |
| V-245850 | Controlled Unclassified Information - Marking/Labe... | CAT III | Traditional Security Checklist | Set Status |
| V-245851 | Classified Annual Review | CAT III | Traditional Security Checklist | Set Status |
| V-254850 | Controlled Unclassified Information ‐ Marking/Labe... | CAT III | TRADSEC NIPR SIPR STIGs CMD | Set Status |
| V-255846 | The WebSphere Application Server must shut down by... | CAT III | IBM WebSphere Traditional V9.x... | Set Status |
| V-255847 | The WebSphere Application Server high availability... | CAT III | IBM WebSphere Traditional V9.x... | Set Status |
| V-255848 | The WebSphere Application Server must be configure... | CAT III | IBM WebSphere Traditional V9.x... | Set Status |
| V-255859 | The WebSphere Application Server must remove JREs ... | CAT III | IBM WebSphere Traditional V9.x... | Set Status |
| V-255881 | The WebSphere Application Server must be configure... | CAT III | IBM WebSphere Traditional V9.x... | Set Status |
| V-255882 | The WebSphere Application servers with an RMF cate... | CAT III | IBM WebSphere Traditional V9.x... | Set Status |
| V-255886 | The WebSphere Application Server memory session se... | CAT III | IBM WebSphere Traditional V9.x... | Set Status |
| V-256096 | The Riverbed NetProfiler must be configured to con... | CAT III | Riverbed NetProfiler Security ... | Set Status |
| V-259899 | The A/B, A/B/C, or A/B/C/D switch used for network... | CAT III | Enterprise Voice, Video, and M... | Set Status |
| V-259918 | Critical network equipment must be redundant and i... | CAT III | Enterprise Voice, Video, and M... | Set Status |
| V-270501 | Oracle Database must protect against an individual... | CAT III | Oracle Database 19c Security T... | Set Status |
| V-272064 | The BGP Cisco ACI must be configured to reject rou... | CAT III | Cisco ACI Router Security Tech... | Set Status |
| V-272089 | The BGP Cisco ACI must be configured to limit the ... | CAT III | Cisco ACI Router Security Tech... | Set Status |
| V-272627 | CylanceON-PREM must be configured to use a third-p... | CAT III | Arctic Wolf CylanceON-PREM Sec... | Set Status |
| V-276290 | Azure SQL Managed Instance must isolate security f... | CAT III | Microsoft Azure SQL Managed In... | Set Status |
| V-276297 | Azure SQL Managed Instance must have an audit defi... | CAT III | Microsoft Azure SQL Managed In... | Set Status |
| V-276416 | Apple Vision Pro hardware must not be modified to ... | CAT III | Apple visionOS 2 Security Tech... | Set Status |
| V-276536 | Samsung Android must be configured to disable all ... | CAT III | Samsung Android 16 COBO Securi... | Set Status |
| V-276642 | Samsung Android must be configured to disable all ... | CAT III | Samsung Android 16 COPE Securi... | Set Status |
| V-278849 | DOD Apple iOS/iPadOS 26 devices must disable eSIM ... | CAT III | Apple iOS/iPadOS 26 Security T... | Set Status |
| V-279331 | MongoDB must limit the total number of concurrent ... | CAT III | MongoDB Enterprise Advanced 8.... | Set Status |
| V-281700 | MongoDB must terminate a user session after organi... | CAT III | MongoDB Enterprise Advanced 8.... | Set Status |
| V-282826 | Apple Vision Pro (AVP) hardware must not be modifi... | CAT III | Apple visionOS 26 Security Tec... | Set Status |
| V-91813 | The MobileIron Core v10 server must be configured ... | CAT III | MobileIron Core v10.x MDM Secu... | Set Status |
| V-94663 | Symantec ProxySG must display the Standard Mandato... | CAT III | Symantec ProxySG NDM Security ... | Set Status |
| xccdf_mil.disa.stig_group_V-235719 | User control of proxy settings must be disabled. | CAT III | Microsoft Edge Security Techni... | Set Status |
Awaiting Review (7)
Documentation submitted - requires human verification before marking as Not a Finding
| V-Number | Title | Severity | Linked Document | Action |
|---|---|---|---|---|
| V-225012 | Windows Server 2016 must be running Credential Gua... | CAT I | USNS Montford Point eMASS Security Plan ... | Review |
| V-243466 | Membership to the Enterprise Admins group must be ... | CAT I | USNS Montford Point eMASS Security Plan ... | Review |
| V-243467 | Membership to the Domain Admins group must be rest... | CAT I | USNS Montford Point eMASS Security Plan ... | Review |
| V-218817 | The IIS 10.0 web server must not be running on a s... | CAT II | USNS Montford Point eMASS Security Plan ... | Review |
| V-243468 | Administrators must have separate accounts specifi... | CAT II | USNS Montford Point eMASS Security Plan ... | Review |
| V-243469 | Administrators must have separate accounts specifi... | CAT II | USNS Montford Point eMASS Security Plan ... | Review |
| V-243505 | Changes to the AD schema must be subject to a docu... | CAT III | USNS Montford Point eMASS Security Plan ... | Review |