STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← SI-6 — Security and Privacy Function Verification

CCI-002699

Definition

Perform verification of the correct operation of organization-defined security functions: when the system is in an organization-defined transitional state; upon command by a user with appropriate privileges; and/or on an organization-defined frequency.

Parent Control

SI-6Security and Privacy Function VerificationSystem and Information Integrity

Linked STIG Checks (42)

V-274025CAT IIAmazon Linux 2023 must routinely check the baseline configuration for unauthorized changes and notify the system administrator (SA) when anomalies in the operation of any security functions are discovered.Amazon Linux 2023 Security Technical Implementation Guide V-268153CAT IINixOS must notify designated personnel if baseline configurations are changed in an unauthorized manner.Anduril NixOS Security Technical Implementation Guide V-268568CAT IIThe macOS system must ensure Secure Boot level is set to "full".Apple macOS 15 (Sequoia) Security Technical Implementation Guide V-277178CAT IIThe macOS system must ensure Secure Boot level is set to "full".Apple macOS 26 (Tahoe) Security Technical Implementation Guide V-222616CAT IIThe application must perform verification of the correct operation of security functions: upon system startup and/or restart; upon command by a user with privileged access; and/or every 30 days.Application Security and Development Security Technical Implementation Guide V-272641CAT IICylanceON-PREM must be restarted every 30 days to invoke health checks.Arctic Wolf CylanceON-PREM Security Technical Implementation Guide V-276005CAT IIAx-OS must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies.Axonius Federal Systems Ax-OS Security Technical Implementation Guide V-219344CAT IIThe Ubuntu operating system must be configured so that a file integrity tool verifies the correct operation of security functions every 30 days.Canonical Ubuntu 18.04 LTS Security Technical Implementation Guide V-238236CAT IIThe Ubuntu operating system must be configured so that the script which runs each 30 days or less to check file integrity is the default one.Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide V-260585CAT IIUbuntu 22.04 LTS must be configured so that the script that runs each 30 days or less to check file integrity is the default.Canonical Ubuntu 22.04 LTS Security Technical Implementation Guide V-270651CAT IIUbuntu 24.04 LTS must be configured so that the script which runs each 30 days or less to check file integrity is the default one.Canonical Ubuntu 24.04 LTS Security Technical Implementation Guide V-269456CAT IIAlmaLinux OS 9 must have the Advanced Intrusion Detection Environment (AIDE) package installed.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-269457CAT IIAlmaLinux OS 9 must routinely check the baseline configuration for unauthorized changes and notify the system administrator when anomalies in the operation of any security functions are discovered.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-233243CAT IIThe container platform must perform verification of the correct operation of security functions: upon system startup and/or restart; upon command by a user with privileged access; and/or every 30 days. Security functionality includes, but is not limited to, establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters.Container Platform Security Requirements Guide V-205222CAT IIThe DNS server implementation must perform verification of the correct operation of security functions: upon system start-up and/or restart; upon command by a user with privileged access; and/or every 30 days.Domain Name System (DNS) Security Requirements Guide V-203757CAT IIThe operating system must perform verification of the correct operation of security functions: upon system start-up and/or restart; upon command by a user with privileged access; and/or every 30 days.General Purpose Operating System Security Requirements Guide V-82195CAT IIThe MaaS360 MDM Agent must provide an alert via the trusted channel to the MDM server for the following event: change in enrollment state.IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide V-205592CAT IIThe Mainframe Product must perform verification of the correct operation of security functions upon system startup and/or restart; upon command by a user with privileged access; and/or every 30 days.Mainframe Product Security Requirements Guide V-215644CAT IIThe Windows 2012 DNS Server must log the event and notify the system administrator when anomalies in the operation of the signed zone transfers are discovered.Microsoft Windows 2012 Server Domain Name System Security Technical Implementation Guide V-259406CAT IIThe Windows DNS Server must verify the correct operation of security functions upon startup and/or restart, upon command by a user with privileged access, and/or every 30 days.Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide V-259407CAT IIThe Windows DNS Server must verify the correct operation of security functions upon system startup and/or restart, upon command by a user with privileged access, and/or every 30 days.Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide V-260909CAT IIMKE must be configured to integrate with an Enterprise Identity Provider.Mirantis Kubernetes Engine Security Technical Implementation Guide V-254237CAT IINutanix AOS must be configured to use SELinux Enforcing mode.Nutanix AOS 5.20.x OS Security Technical Implementation Guide V-279565CAT IINutanix OS must have the audit.x86_64 package installed.Nutanix Acropolis GPOS Security Technical Implementation Guide V-221708CAT IIThe Oracle Linux operating system must be configured so that a file integrity tool verifies the baseline operating system configuration at least weekly.Oracle Linux 7 Security Technical Implementation Guide V-248573CAT IIThe OL 8 file integrity tool must notify the system administrator (SA) when changes to the baseline configuration or anomalies in the operation of any security functions are discovered within an organizationally defined frequency.Oracle Linux 8 Security Technical Implementation Guide V-271497CAT IIOL 9 must routinely check the baseline configuration for unauthorized changes and notify the system administrator (SA) when anomalies in the operation of any security functions are discovered.Oracle Linux 9 Security Technical Implementation Guide V-253551CAT IIConfiguration of Prisma Cloud Compute must be continuously verified.Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide V-280980CAT IIRHEL 10 must routinely check the baseline configuration for unauthorized changes and notify the system administrator when anomalies in the operation of any security functions are discovered.Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-258135CAT IIRHEL 9 must routinely check the baseline configuration for unauthorized changes and notify the system administrator when anomalies in the operation of any security functions are discovered.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257574CAT IIOpenShift must perform verification of the correct operation of security functions: upon startup and/or restart; upon command by a user with privileged access; and/or every 30 days.Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide V-257574CAT IIOpenShift must perform verification of the correct operation of security functions: upon startup and/or restart; upon command by a user with privileged access; and/or every 30 days.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-275672CAT IIUbuntu OS must be configured so that the script that runs each 30 days or less to check file integrity is the default.Riverbed NetIM OS Security Technical Implementation Guide V-261407CAT IIAdvanced Intrusion Detection Environment (AIDE) must verify the baseline SLEM 5 configuration at least weekly.SUSE Linux Enterprise Micro (SLEM) 5 Security Technical Implementation Guide V-217148CAT IIAdvanced Intrusion Detection Environment (AIDE) must verify the baseline SUSE operating system configuration at least weekly.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-252929CAT IIThe TOSS file integrity tool must notify the system administrator when changes to the baseline configuration or anomalies in the operation of any security functions are discovered within an organizationally defined frequency.Tri-Lab Operating System Stack (TOSS) 4 Security Technical Implementation Guide V-234623CAT IIThe UEM server must run a suite of self-tests during initial start-up (power on) to demonstrate correct operation of the server.Unified Endpoint Management Server Security Requirements Guide V-256447CAT IIThe ESXi host must implement Secure Boot enforcement.VMware vSphere 7.0 ESXi Security Technical Implementation Guide V-256490CAT IIThe Photon operating system must have the auditd service running.VMware vSphere 7.0 vCenter Appliance Photon OS Security Technical Implementation Guide V-258740CAT IIThe ESXi host must implement Secure Boot enforcement.VMware vSphere 8.0 ESXi Security Technical Implementation Guide V-258808CAT IIThe Photon operating system must enable the auditd service.VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 Security Technical Implementation Guide V-207507CAT IIThe VMM must perform verification of the correct operation of security functions: upon system startup and/or restart; upon command by a user with privileged access; and/or every 30 days.Virtual Machine Manager Security Requirements Guide